Most companies lack processes, governance, required to stop cyber attacks

More than half of companies (54%) perceive the lack of governance and control processes as the biggest gaps in stopping attacks on endpoints, according to a recent survey of IT professionals in the US .

On average, respondents believe 49 percent of attacks on an organization’s endpoints can be realistically stopped with enabling technologies, processes and in-house expertise.

The main obstacle to mitigating these attacks is a lack of governance and control processes, which would include training and awareness programs for employees and enforcement of endpoint security policies.

Lack of in-house expertise was mentioned by 26% of respondents while lack of enabling technologies is a concern for 20% of IT professionals.

Zero-day attacks are the most serious type of incidents and compromises for companies, according to 71 percent of respondents in the survey. DDoS was second, at 68 percent. Negligent or careless employees who don’t follow security policies are the biggest threat to endpoint security in organizations, according to the report, cited by HOTforSecurity.

The inability to identify critical assets or data and to properly react to security breaches is a major deficit of all companies, from small to large, as Business Insights previously noted. Attackers targeting non-critical systems could gain access to confidential business information that should be stored on a segregated network or infrastructure. The disclosure of classified information could have devastating consequences for a company’s financial health.