An alarming 89% of VP and C-Level IT Leaders have a heightened fear of a breach over the next year
Only 32% of Respondents Have Advanced Endpoint Security in Place Even As 73% Agree Endpoints are ‘Most Vulnerable’ to an Attack
Needham, Mass. – November 12, 2015 – Promisec, a pioneer in endpoint security and compliance solutions, today announced the results of survey of IT security professionals which found that endpoint security solutions today continue to lag, failing to provide protections or detections adequate to protect against today’s security threats. Survey results point to increased security gaps and vulnerabilities in spite of widespread fear of security breaches, when compared to a year-ago survey that Promisec published.
Fewer companies today (32%) said they have advanced endpoint security protections in place, which is down from 39% last year, even though an increasing number of respondents (73% this year vs 58% last year) consider endpoints to be “most vulnerable” to a cyber-attack. Although more respondents recognize that endpoints are vulnerable to a cyber-attack, fewer companies today said they have endpoint protection in place compared with last year. In addition, 67% of respondents said the number of endpoints is rising, down from 76% last year.
An increased number of respondents (74%) said traditional anti-virus defenses no longer address advanced targeted threats and only 26% believe they will play a vital role in the future. This compares to 58% and 19% respectively, in last year’s survey, which illustrates a continued trend away from traditional anti-virus defenses.
The survey found that 82% of IT professionals are either ‘highly’ or ‘moderately’ concerned about a potential security breach in the next year but only 31% say they are ‘well prepared’ for a cyber-attack. 73% of respondents consider endpoints, such as desktops, laptops and mobile devices, to be the “most vulnerable” part of the network. In spite of significant concern of a potential data breach and the value of endpoint security, most companies have inadequate defenses in place.
Case in point, only 31% of companies said they were able to complete Microsoft patch updates in less than a week even though these updates play key role eliminating known vulnerabilities. Moreover, 40% said it took up to a month (compared to 34% last year), 13% said it look over a month (compared with 19% last year), and 16% “never” achieved full rollout of updates, up slightly from 14% last year). In spite of these endpoint security challenges, only 25% have a dedicated endpoint security budget, down from 30% last year.
These findings indicate little change from last year, implying there is stronger reason to believe that the hackers would have susceptible environments with which to breach. Security awareness may be up, but actions are unchanged.
Approximately half of respondents continue to agree that there is a bigger need for SIEM and/or advanced threat detection and correlation systems to have deeper endpoint analytics. The respondents categorized it as ‘very important’ as endpoints are a common attack point and monitoring these points of entry are vital to identifying an attack and taking steps toward remediation.
A majority of VP and C-Level IT leaders surveyed indicated a heightened fear of a security breach in the coming year and acknowledged a rapidly shifting security landscape, which now includes endpoint security.
“Results from our survey indicate that for many companies, endpoints remain highly vulnerable to a cyber-attack as threat levels continue to rise,” said Dan Ross, CEO of Promisec. “We continue to see new breed of more complex and sophisticated threats, where traditional blocking and prevention mechanisms, such as firewall, anti-virus and anti-malware software, are no longer enough to keep our networks safe. Companies need to aggressively fortify their endpoint security infrastructure as a critical part of their total security portfolio in order to keep pace with the rapid evolution of today’s most severe threats.”
Companies Struggle to Keep Pace with Advanced Targeted Threats
The survey was conducted between November 2, 2015, and November 9, 2015, and reflects responses from over 150 IT decision makers including senior management, security managers, directors, and network and systems engineers.
To learn more about Promisec and its offerings, please visit: www.promisec.com
Promisec is a pioneer in endpoint visibility and remediation, empowering organizations to avoid threats and disarm attacks that can lead to unwanted headlines and penalties. Promisec’s technology assures users that their endpoints are secure, audits are clean, regulations are met and vulnerabilities are addressed proactively to ensure the integrity of enterprise IT. The Promisec Endpoint Management solution provides the power of agentless visibility and remediation before these threats can have impact, ensuring endpoint security, compliance and operational efficiency. More than 400 globally recognized companies, including Amdocs, Fossil, Teva and Wellpoint, trust in Promisec to stay secure, compliant and operationally efficient. Visit www.promisec.com for more information.
Michael Gallo for Promisec