Seventy six percent of respondents see an increase in the
severity of Malware attacks; they also find Malware attacks harder to detect
WALTHAM, Mass. (April 19, 2016)— CounterTack, the leader in Big Data Endpoint Detection and Response (EDR), in partnership with the Ponemon Institute, a leading IT Security research organization, today released the results of the 6th Annual Ponemon Institute study titled “2016 State of Endpoint Report.” With an increase in ransomware attacks making news headlines in recent weeks, it is telling that 56 percent of respondents indicate that their companies are not equipped to deal with these threats. In addition, 80 percent of respondents say that employees are the biggest threat to the company, not hackers.
Known in the security industry as ‘destructive software,’ ransomware attacks against endpoints (defined as laptops, desktops, smartphones, printers, POS machines, or ATMs) have recently taken place against hospitals in California, Kentucky and Maryland. Attacks have increased in severity to the point that the F.B.I issued an alert in late March according to Reuters asking businesses for help in the fight against ransomware.
“Hackers are relentless, they won’t take ‘no’ for an answer and unless you have mechanisms in place to either slow them down or stop attacks against your endpoints, your data and IP is at serious risk,” said Michael Davis, CTO, CounterTack. “What is most concerning is that the malware used widely in today’s attacks give a hacker complete access to an organization's data not just the device. Long gone are the days of simple fraud and identity theft as the main attacker goal. This endpoint study is a clear call to action for organizations of any size that if hacked, your data will be targeted, sold and distributed and the only way to prevent that from happening is to secure the devices accessing your data-endpoints.”
The Ponemon Institute surveyed 694 U.S. IT security practitioners who are involved in endpoint security in a variety of organizations. Additional key findings from the study include:
- Laptops Pose the Biggest Endpoint Threat to Enterprises: Forty-three percent of organizations believe laptops are the biggest endpoint threat, followed by Smartphones at 30 percent, Tablets at 19 percent and USB sticks at six percent.
- Mobile Devices Are Believed to be the Faster Growing Threat: Eighty-six percent of respondents believe that mobile devices such as smart phones (Android, iPhone, Blackberry) are the greatest risk.
- The Most Unsecured Desktop and Mobile Operating Systems: Twenty-eight percent of respondents believe that Android is the most unsecured, Windows was second at 23 percent, iOS was third at 19 percent.
- Organizations Face a More Difficult Time Enforcing Endpoint Security Policies: Thirty-five percent of organizations believe enforcing their own endpoint security policies have become more difficult in 2016 versus only 31 percent in 2015. In total, 71 percent of respondents find it difficult to enforce.
- Endpoint Devices Connected to the Network Aren’t All Secured: Surprisingly, nearly one third of respondents (28 percent) said that half or more of the endpoint devices connected to their network aren’t secured. Three percent of respondents said none of the devices are secured.
- Certain Applications Increase Vulnerabilities and IT Risk: Sixty-two percent of respondents believe that Adobe applications pose the biggest threat to endpoints, and Java applications was second at 54 percent.
To access the full report, go to http://www.countertack.com/2016-state-of-the-endpoint-report.
To access the on-demand session where Dr. Ponemon and CounterTack CTO Michael A. Davis discuss what these trends mean from a practical standpoint of improving endpoint security posture, go to http://www.countertack.com/webinar-state-of-the-endpoint.
“Respondents to this endpoint study confirm a growing three-fold concern about malware attacks that are becoming more severe in nature, but also stealthier and difficult to detect confirms what we see in the news, more attacks in pursuit of data, IP and financial gain,” said Larry Ponemon, President, Ponemon Institute. “Today, enterprises need to be vigilant in educating employees, enforcing security policies and securing all endpoints, if they have any hope of minimizing their risk associated with breaches.”