The number of successful endpoint attacks is up, the number of unknown threats is up, and the financial consequences of these attacks are more severe, according to the 2018 State of Endpoint Security Risk survey from Ponemon Institute. To make matters worse, organizations aren’t particularly confident in their ability to detect, prevent and respond to endpoint attacks. Let’s take a closer look at the findings of the report.
Nearly two-thirds of respondents said their organization experienced at least one endpoint attack that compromised data and/or IT infrastructure in the past year, up 17 percent from the previous year. The financial impact of a breach jumped from $5 million to $7.12 million, including costs of downtime, data theft, productivity loss, IT infrastructure damage, reputation damage, lawsuits and compliance violations.
Sixty-three percent said attack frequency has increased or increased significantly since last year, but just 40 percent of respondents believe their organization has the resources required to minimize endpoint risk.
Perhaps most troubling is the fact that respondents said, on average, 52 percent of endpoint attacks cannot be realistically prevented. Why would IT security professionals believe so many of these attacks are unstoppable? Of the organizations that were compromised, 76 percent of respondents said the attack involved an unknown, zero-day threat, which can find and exploit a vulnerability on the same day. Just 19 percent of organizations were compromised by a known threat.
The prevalence of unknown threats is especially problematic when you consider that the average time to deploy a security patch is 102 days. Forty-three percent of respondents with a patch management process say they need to spend more time testing and rolling out patches to avoid mistakes and ensure that the performance of business applications isn’t affected. Only 31 percent are patching more quickly than they were a year ago.
Despite the prevalence of attacks involving unknown threats, three in 10 respondents believe their traditional, signature-based antivirus tools provide the necessary protection against all serious attacks, including unknown threats. This data reveals a disturbing lack of knowledge, as signature-based tools can only detect known threats based on existing signatures. And it helps explain why antivirus solutions are only detecting and blocking 43 percent of attacks.
When asked to identify their biggest challenges with antivirus, 58 percent of respondents said they’re receiving a high number of alerts and false positives, which are draining resources and distracting from legitimate threats. Forty-one percent said antivirus is too complex to deploy and manage.
For many small to midsize businesses, partnering with a managed service provider (MSP) is the only reliable, effective way to reduce the risk of attacks on endpoint devices. An MSP can remotely monitor and manage your entire IT environment and make sure that patches and updates are applied quickly. They can also assist with the deployment and management of advanced security tools, such as advanced antivirus and email security solutions, that are capable of detecting unknown threats without a flood of irrelevant alerts.
The SSD Assurance program puts an entire team to work for your organization. We review your IT environment, run tests to identify vulnerabilities, and use multilayer security solutions to minimize risk. Once the right tools and processes are in place, we perform routine maintenance, including software patches, and respond quickly to alerts and unusual activity. Let us show you how SSD Assurance can minimize the endpoint security problems that continue to plague most organizations.