Endpoint Attacks on the Rise

As a rule, we don’t sensationalize. Cybersecurity is complex and confusing enough, so we focus on the facts, which can be scary enough on their own.

That being said, we also feel it’s important for businesses and consumers to thoroughly understand their risks and what they’re up against. We want you to be informed so you can protect your digital assets while being able to address data breaches quickly.

After reviewing the 2018 Ponemon Institute’s “State of Endpoint Security Risk” Report, we distilled the report down to 7 important takeaways:

  1. Endpoint attacks continue to increase.  More than 60% of respondents in the 2018 survey indicated that over the past 12 months, the frequency of attacks has increased.  An increase in successful endpoint security attacks is concerning, because this means organizations must be prepared to respond to the threats that are evading their cybersecurity defenses.  What’s more, an average of 52% of all attacks cannot be realistically stopped.  If preventing attacks isn’t possible, mitigating the damage of a data breach is—if you’re proactively hunting for attacks already in progress.
  2. The average cost of a data breach has increased from $5 million to $7.1 million.  Recovery costs, notification costs, and losses to IT infrastructure, productivity, and data/information have increased by over 40%.  This $7.1 million data breach cost works out to an average of $440 per impacted endpoint.  If we look specifically at small and mid-sized companies, the average cost per impacted endpoint increases to $763.
  3. Over 60% of survey respondents claim their organizations were compromised in 2018.  64% of respondents claim their organizations were successfully attacked this year—up from 54% in the 2017 endpoint security survey.
  4. Zero-day attacks are 4x more likely to be the culprit.  Over 75% of the respondents who claim their organizations were compromised in 2018 attribute the attack to unknown zero-day attacks and/or new threats. By contrast, only 19% of respondents claimed their organizations were compromised by a known, or existing, attack.
  5. Antivirus tools missed an average of 57% of attacks.  As malware and attackers continue to evolve, we’re seeing that AV and NGAV (Next Generation AV) software are missing the majority of attacks.  Based on respondent estimates, only 43% of attacks are blocked by antivirus tools/software.  Survey respondents blamed a high rate of false positives and alert fatigue as the issues preventing them from getting the most out of their antivirus software.  This means that their antivirus application(s) may be flagging too much and too many attacks, while inadequately protecting their companies from unknown threats and malware.
  6. 102 days (on average) to patch/repair endpoints.  It’s difficult for organizations of any size to keep endpoints and systems operational through effective patching.  Over 40% of survey respondents have employed a process to deploy and manage patches to their endpoints, but these patches take longer to roll out due to concerns with the impact on business continuity and system performance. Vulnerabilities can exist within applications, operating systems, and firmware, so it’s important to take proactive steps to continuously scan your network and nodes for vulnerabilities.
  7. EDR tools are not the answer.  Endpoint Detection and Response (EDR) tools are designed to detect and “block” the early signs of an attack. Unfortunately, with the rise in zero-day exploits and new/advanced malware, organizations are finding that EDR and preventative technologies are not as effective as they thought.  Moreover, 47% of respondents that have EDR tools deployed within their organization needed 90+ days to implement them.  Survey respondents also noted that less than half of the functionality of EDR tools (46%) is actively employed and used.

Your endpoint security infrastructure should include defensive technologies, but preventative cybersecurity tools alone are not enough.  It’s just as important to employ “offensive” cybersecurity tools and techniques, such as regular penetration testing and vulnerability assessments, to ensure your organization is better protected from advanced malware and malicious threats.

Contact us to request a free compromise assessment and learn how Fortify 24×7 helps organizations fill the gaps left by their defensive endpoint security tools.
