“While it is positive news that companies are making the security of endpoints a higher priority, to win the war they need to recognize the criticality of minimizing employee negligence and investing in technologies that improve the ability to detect malicious attacks.”
– Dr. Larry Ponemon, Chairman of Ponemon Institute
With advanced persistent threats (APTs) on the rise, a recent article in Help Net Security based on the findings from a 2014 Ponemon Institute study gives insight as to how organizations plan to make their security approach more foolproof.
While the Ponemon Institute study notes that endpoint risk has increased mostly because of cloud applications, employee owned mobile devices and employees working from home, the drastic rise of sophisticated APTs and Malware has also greatly contributed. This combination is what has led to 71% of respondents expressing that in the last two years endpoint risk has become more difficult than ever to manage. In fact, 40% of respondents noted that their endpoints were an entry point for an APT.
2014 has birthed some important realizations and in the new year security will focus less on preventing penetration due to the fact that penetration can happen within minutes and can be very difficult to detect. According a V3 survey, 84% of breaches took minutes to execute. Although it may always be difficult to effectively enforce endpoint security policies among your employees, because endpoints are known to be a common breach point, organizations must leverage endpoint solutions that better detect cyber-attacks early on.
How Will Organizations Enhance Their Security Defense In 2015?
1) Although many organization would like to better protect their endpoints, oftentimes security budget shortages make this close to impossible. In 2015, IT security budgets will increase for 45% of respondents.
2) Reflecting on breaches from 2014, many organizations understand that they need deploy additional security solutions to bridge their current security gaps. In 2015, many organizations will shift their security approach. Instead of mostly focusing on prevention technologies, 95% of respondents stated that tools which enable faster detection and response will be prioritized.
3) As the sophistication of attacks has clearly evolved past many traditional security tools, security decision makers are looking for solutions that can better detect complex attack techniques and hacker behaviors. 70% of respondents plan to use tools with big data and 64% stated that they already have or plan to deploy new threat intelligence.
4) Because detection of complex cyber-attacks has been delayed in the largest breaches from 2014, more organizations will leverage endpoint solutions to collect contextual, actionable data drawn from all of their endpoints in order to better determine if an attack is underway within their environment. 68% of respondents revealed that endpoint security is becoming a more crucial part of their security defence.
Contact us today for a free demo of Cybereason contact@cybereason.com