Survey: Endpoint Attacks Up, Confidence in Anti-Malware Tools Down
In a recent Ponemon Institute study, just 27 percent of IT pros were willing to say that traditional signature-based anti-malware solutions provided sufficient security protections against new and unknown threats (down from 29 percent in the prior year).
Published last month and sponsored by Morphisec, the study ("Third Annual Study on the State of Endpoint Security Risk," available via sign-up) polled 671 IT pros. Its findings suggested that most organizations have been attacked and that their confidence in the effectiveness of anti-virus protections continues to be low.
The study also found a high use of the Microsoft Windows Defender anti-malware solution. Eighty percent of respondents used Windows Defender, while 34 percent had it. Forty-six percent said they planned to use Windows Defender in the near future. Windows Defender was perceived to be "on par with other antivirus tools," per 43 percent of the respondents.
Risk perceptions were heightened in the study, with 36 percent of the respondents indicating that endpoint risk seemed to be greater than a year ago. In the prior year's study, 29 percent had said the endpoint risk seemed greater.
In the last two years, 68 percent of the respondents said that their organizations had experienced endpoint attacks that had "successfully compromised data assets and/or IT infrastructure" (up from 64 percent in the prior year's study). These attacks resulted in the following damages:
- "IT and end-user productivity loss" (37 percent)
- Information theft (30 percent)
- System downtime (15 percent)
- IT infrastructure damage (9 percent)
- Brand damage (5 percent) and
- Legal issues (4 percent).
These successful attacks were characterized as "advanced" (that is, "new or unknown zero-day attacks") by 80 percent of respondents.
Confidence in the IT security team's ability to detect endpoint attacks, on a scale of 1 to 10, was centered in the "5 to 6" range (29 percent), followed by "7 to 8" (26 percent) and "9 to 10" (23 percent). Slightly more than half put the blame on their endpoint security software.
"More than half of respondents (51 percent) say their organizations are ineffective at surfacing threats because their endpoint security solutions are not effective at detecting advanced attacks," the report indicated.
The patch process continues to bog down organizations. It took them an average of 97 days to "apply, test and fully deploy patches," according to the study. Forty percent of respondents said that patching is taking them more time, although 33 percent said they were patching more quickly.
Only 14 percent of organizations had "dedicated internal security staff." Most organizations used a combination of in-house and outsourced staff for security, or they completely outsourced it (27 percent).
Of the 671 respondents, the largest segment (32 percent) were described as IT technicians or analysts. More than half (58 percent) were "at or above the supervisory level."
Kurt Mackie is senior news producer for 1105 Media's Converge360 group.