Infosec pros have shaky confidence in endpoint security: Survey


The endpoint is one of the first places to face a cyber attack, but if a recent survey of IT pros conducted for a Canadian security vendor is right, almost half are unhappy with their organization’s endpoint security solution.

Forty-eight per cent of the 556 IT and IT security practitioners in the United States who responded to questions said they are either not satisfied (23 per cent) or disappointed (25 per cent) with their current endpoint security solution. Twenty-one per cent of respondents said they don’t have endpoint solutions.

Only 27 per cent of respondents rated their organizations’ ability to prioritize the endpoint devices that pose the greatest risk as highly effective and only 30 per cent of respondents say they are highly effective in detecting insecure or off-line endpoints. About one-third of respondents said they are very effective in minimizing false positives in the detection of insecure or off-line devices and 34 per cent of respondents say they are very effective in minimizing the damages caused by these endpoints.

[Chart: responses to the survey question “How confident are you that your organization can monitor endpoint devices off the corporate network?”]

The survey was done by the Ponemon Institute for Vancouver’s Absolute Software, which makes endpoint solutions.

The results don’t speak well for endpoint security — at least at the organizations represented by respondents.

Among the numbers:

–Seventy-five per cent of respondents said the most common security gap on their endpoint was out-of-date or unpatched software, followed by applications that have been removed or corrupted (55 per cent) and unprotected sensitive or confidential information (46 per cent);

–Fifty-three per cent of respondents say the volume or frequency of malware-infected endpoints has significantly increased (17 per cent) or increased (36 per cent) in the past year. A smaller percentage (46 per cent) of respondents say the severity has increased significantly (15 per cent) or increased (31 per cent) in the past 12 months;

–Enterprises are overwhelmed by endpoint alerts. An organization can receive an average of nearly 615 endpoint alerts in a typical week, respondents said. Of all alerts, 45 per cent are considered reliable; an average of 61 per cent or 369 of these alerts involve malware infections;

–After respondents estimated their staff spent an average of 1,156 hours each week to detect and contain insecure endpoints, and assuming staff are paid US$62.10 an hour, it costs organizations an average of US$1.37 million annually in time wasted responding to erroneous malware alerts;

–Fifty-six per cent of respondents say they are not (41 per cent) or are unsure (15 per cent) they are able to determine compliance for endpoint devices. The most common method used is manual analysis and inspection. Only 28 per cent of respondents say their organizations rely upon automated analysis and inspection to determine compliance.

Judging by these numbers, at the very least, patching will have to dramatically increase for endpoint security to be effective.
