As enterprises grow mature in their IT security practices, more of them are attributing endpoint risks to user behavior, rather than fixating on the vulnerabilities attackers ultimately use to break into systems, a new Ponemon Institute survey shows. Querying 703 IT and IT security practitioners, the State of the Endpoint study shows that 78% consider negligent or careless employees who do not follow security policies as the biggest threat to endpoint systems.
"Rather than looking to fix a particular device vulnerability with a single, silver bullet technology, this new study shows IT attributes risk to people," says Chris Merritt, director of solutions marketing for Lumension, which funded the survey. "Cybercriminals launch their attacks, and it's the job of IT and, quite frankly, every user to defend against them. This is a welcome culture shift, but unfortunately, it doesn't necessarily make things any easier."
In fact, 71% of respondents reported that managing endpoint risk has grown more difficult over the last two years. Though they reported user behavior as the biggest obstacle to managing endpoints effectively, the task is not being made any easier by the proliferation of devices connected to consumer cloud applications. Approximately 68% cite the significant increase in the number of personal devices connected to the network as a top endpoint security concern, and 66% point to the use of commercial cloud applications in the workplace as a big problem.
Meanwhile, attacks continue to accelerate. Nearly 70% of respondents said malware at the endpoint increased in severity last year. Approximately 80% of organizations reported web-borne malware as the most frequent attack vector, and the biggest increases in attacks came by way of zero-day attacks, APTs, and spearphishing. The applications most likely to be used by attackers were Adobe applications, applications using Java, and third-party cloud productivity apps.
The combination of user risks, proliferation of devices and apps, and increased attacks has 68% of organizations reporting that endpoint security is becoming a more important component of their overall IT security strategy.
"IT continues to battle malware at the endpoint," said Dr. Larry Ponemon, chairman of the Ponemon Institute. "While it is positive news that companies are making the security of endpoints a higher priority, to win the war they need to recognize the criticality of minimizing employee negligence and investing in technologies that improve the ability to detect malicious attacks."
Those investments will continue to grow at many organizations, with 45% of respondents reporting that they'll get more money to spend on security in 2015. As they figure out how to spend it, 95% of organizations report that they're moving away from prevention-oriented strategy and toward a detect-and-respond approach. They'll do that by employing big data and threat intelligence to analyze threats better in real-time.