Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


02:00 PM
Connect Directly

Majority Of Enterprises Finally Recognize Users As Endpoint's Weakest Vulnerability

The Ponemon State of the Endpoint report shows endpoint management continues to grow more difficult.

As enterprises grow mature in their IT security practices, more of them are attributing endpoint risks to user behavior, rather than fixating on the vulnerabilities attackers ultimately use to break into systems, a new Ponemon Institute survey shows. Querying 703 IT and IT security practitioners, the State of the Endpoint study shows that 78% consider negligent or careless employees who do not follow security policies as the biggest threat to endpoint systems.

"Rather than looking to fix a particular device vulnerability with a single, silver bullet technology, this new study shows IT attributes risk to people," says Chris Merritt, director of solutions marketing for Lumension, which funded the survey. "Cybercriminals launch their attacks, and it's the job of IT and, quite frankly, every user to defend against them. This is a welcome culture shift, but unfortunately, it doesn't necessarily make things any easier."

In fact, 71% of respondents reported that managing endpoint risk has grown more difficult over the last two years. Though they reported user behavior as the biggest obstacle to managing endpoints effectively, the task is not being made any easier by the proliferation of devices connected to consumer cloud applications. Approximately 68% cite the significant increase in the number of personal devices connected to the network as a top endpoint security concern, and 66% point to the use of commercial cloud applications in the workplace as a big problem.

Meanwhile, attacks continue to accelerate. Nearly 70% of respondents said malware at the endpoint increased in severity last year. Approximately 80% of organizations reported web-borne malware as the most frequent attack vector, and the biggest increases in attacks came by way of zero-day attacks, APTs, and spearphishing. The applications most likely to be used by attackers were Adobe applications, applications using Java, and third-party cloud productivity apps.

The combination of user risks, proliferation of devices and apps, and increased attacks has 68% of organizations reporting that endpoint security is becoming a more important component of their overall IT security strategy.

"IT continues to battle malware at the endpoint," said Dr. Larry Ponemon, chairman of the Ponemon Institute. "While it is positive news that companies are making the security of endpoints a higher priority, to win the war they need to recognize the criticality of minimizing employee negligence and investing in technologies that improve the ability to detect malicious attacks."

Those investments will continue to grow at many organizations, with 45% of respondents reporting that they'll get more money to spend on security in 2015. As they figure out how to spend it, 95% of organizations report that they're moving away from prevention-oriented strategy and toward a detect-and-respond approach. They'll do that by employing big data and threat intelligence to analyze threats better in real-time.

Ericka Chickowski specializes in coverage of information technology and business innovation. She has focused on information security for the better part of a decade and regularly writes about the security industry as a contributor to Dark Reading.  View Full Bio

Recommended Reading:

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
Inside the Ransomware Campaigns Targeting Exchange Servers
Kelly Sheridan, Staff Editor, Dark Reading,  4/2/2021
Beyond MITRE ATT&CK: The Case for a New Cyber Kill Chain
Rik Turner, Principal Analyst, Infrastructure Solutions, Omdia,  3/30/2021
Register for Dark Reading Newsletters
White Papers
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2021-04-14
An issue was discovered in Joomla! 3.0.0 through 3.9.25. Inadequate escaping allowed XSS attacks using the logo parameter of the default templates on error page
PUBLISHED: 2021-04-14
An issue was discovered in Joomla! 3.0.0 through 3.9.25. Inadequate filters on module layout settings could lead to an LFI.
PUBLISHED: 2021-04-14
Command Injection in TOTOLINK X5000R router with firmware v9.1.0u.6118_B20201102, and TOTOLINK A720R router with firmware v4.1.5cu.470_B20200911 allows remote attackers to execute arbitrary OS commands by sending a modified HTTP request. This occurs because the function executes glibc's system funct...
PUBLISHED: 2021-04-14
An issue was discovered in the /api/connector endpoint handler in Yubico yubihsm-connector before 3.0.1 (in YubiHSM SDK before 2021.04). The handler did not validate the length of the request, which can lead to a state where yubihsm-connector becomes stuck in a loop waiting for the YubiHSM to send i...
PUBLISHED: 2021-04-14
AjaxSearchPro before 4.20.8 allows Deserialization of Untrusted Data (in the import database feature of the administration panel), leading to Remote Code execution.