Figure this one out: Only 39 percent of companies have advanced endpoint security protections in place, but 74 percent consider endpoints to be “most vulnerable” to a cyber-attack, a new report said. On top of that, 76 percent said the number of endpoints is rising.
In addition, 58 percent of respondents said traditional anti-virus defenses no longer address advanced targeted threats and only 19 percent believe they will play a vital role in the future, according to a survey by security firm, Promisec.
Just to add to the level of curiosity, 70 percent of IT professionals are either “highly” or “moderately” concerned about a potential security breach in the next year but only 32 percent said they are “well prepared” for a cyber-attack.
Of those surveyed, 74 percent consider endpoints, such as desktops, laptops and mobile devices, to be the “most vulnerable” part of the network. Only 32 percent of companies said they were able to complete Microsoft patch updates in less than a week even though these updates play a key role eliminating known vulnerabilities. Moreover, 34 percent said it took up to a month, 19 percent said it took over a month and 14 percent “never” achieved full rollout of updates. In spite of these endpoint security challenges, only 30 percent have a dedicated endpoint security budget.
More than half of respondents said there is a bigger need for security information and event management (SIEM) and/or advanced threat detection and correlation systems to have deeper endpoint analytics. The respondents categorized it as “very important” as endpoints are a common attack point and monitoring these points of entry are vital to identifying an attack and taking steps toward remediation.
A majority of VP and C-Level IT leaders surveyed indicated a heightened fear of a security breach in the coming year and acknowledged a rapidly shifting security landscape, which now includes endpoint security.
• 33 percent of VP and C-Level IT leaders surveyed said they have advanced endpoint protections in place but 75 percent said they have a need for deeper endpoint analytics to assist in threat detection.
• Nearly 70 percent of VP and C-Level IT leaders put endpoints at the top of their most vulnerable list.
• A majority of VP and C-Level IT Leaders (83 percent) said antivirus solutions are not part of their future for protecting against advanced threats.
• 86 percent of VP and C-Level IT Leaders have a heightened fear of a breach over the next year.
“The security landscape continues to evolve in response to a new breed of more complex and sophisticated threats, where traditional blocking and prevention mechanisms, such as firewall, anti-virus and anti-malware software, are simply no longer enough to keep our networks safe,” said Dan Ross, chief executive of Promisec. “Our survey indicates that companies have begun to embrace endpoint security as a critical part of their total security portfolio, but have yet to adopt a robust endpoint monitoring and remediation infrastructure to address today’s most severe threats.”
Companies struggle to keep pace with advanced targeted threats:
• 55 percent of respondents say they are “not confident” that the security measures they have in place will protect against all scenarios.
• 40 percent of respondents said that they are only ‘modestly’ keeping up with BYOD and mobility trends as the number of endpoints increase on their network.
• 45 percent of respondents said there has been only a ‘modest increase’ in their companies stepping up its focus on security in response to threats but there are still possible gaps in security.
• 58 percent said employees are reasonably compliant and use caution but believe they could do a better job establishing and enforcing basic protocols.
• 56 percent of respondents said that patching, remediation, and compliance are the biggest challenges relative to endpoint security.
Click here to download an endpoint security infographic.