Study: Mobile Devices Escalating Endpoint Security Risks

Maintaining endpoint security is tougher than ever, security professionals say, thanks largely to the huge influx of mobile devices.

According to the annual State of the Endpoint study, conducted by the Ponemon Institute and sponsored by Lumension, 71 percent of security professionals believe that endpoint security threats have become more difficult to stop or mitigate over the past two years.

More than 75 percent said mobile devices pose the biggest threat in 2014, up from just 9 percent in 2010, according to Ponemon. Some 68 percent say their mobile devices have been targeted by malware in the past 12 months, yet 46 percent of respondents say they do not manage employee-owned mobile devices.

"We've seen the threat landscape fundamentally change over the last five years," said Larry Ponemon, head of the Ponemon Institute. "Trending data shows increasing concern, year over year, over the explosion of mobile devices on the network. It's now IT's greatest risk. And unfortunately, 46 percent of our respondents report no efforts are in place to secure them."

Advanced persistent threats (APTs) are also increasingly concerning for survey respondents. This year, 39 percent report APTs as one of their most concerning risks, up 55 percent from 2009. While 40 percent report they were a victim of a targeted attack in the past year, another 25 percent say they aren't sure if they have been, which suggests that many organizations don't have security mechanisms in place to detect such an attack, the study says. For those that have experienced such an attack, spear-phishing emails sent to employees were identified as the No. 1 attack entry point.

Respondents also report that the volume of malware continues to be an escalating problem. The survey found that 41 percent say they experience more than 50 malware attacks a month, up 15 percent from those that reported that amount three years ago. And malware attacks are costly, with 50 percent saying their operating expenses are increasing and 67 percent saying malware attacks significantly contributed to that rising expense.

Despite rising costs, IT budgets have not increased for the majority of survey respondents. While 65 percent say they prioritize endpoint security, just 29 percent say their budgets have increased in the past 24 months.

The Ponemon Institute and Lumension will hold a webcast on Jan. 8 to discuss the study results.

Have a comment on this story? Please click "Add a Comment" below. If you'd like to contact Dark Reading's editors directly, send us a message.