greatest it security risks of 2014: 5th annual state of endpoint risk
Post on 18-May-2015
413 Views
Preview:
DESCRIPTION
TRANSCRIPT
Presentation by Dr. Larry Ponemon
January 8, 2014
2014 State of Endpoint RiskSponsored by Lumension Corporation
Today’s Agenda
1/8/14 Ponemon Institute© presentation 1
• Introduction
• 2014 State of the Endpoint Survey
o Key Findings
o Additional Findings
o Methods
• Q&A
Today’s Presenters
2
Ed BriceSVP, Worldwide Marketing
Lumension
Dr. Larry PonemonChairman & President
Ponemon Institute
Ponemon Institute LLC
� The Institute is dedicated to advancing responsible information management
practices that positively affect privacy, data protection and information security in
business and government.
� The Institute conducts independent research, educates leaders from the private
and public sectors and verifies the privacy and data protection practices of
organizations.
� Ponemon Institute is a full member of CASRO (Council of American Survey
Research organizations). Dr. Ponemon serves as CASRO’s chairman of
Government & Public Affairs Committee of the Board.
� The Institute has assembled more than 65+ leading multinational corporations
called the RIM Council, which focuses the development and execution of ethical
principles for the collection and use of personal data about people and
households.
� The majority of active participants are privacy or information security leaders.
1/8/14 3Ponemon Institute: Private and Confidential
About this research
1/8/14 Ponemon Institute© presentation 4
The purpose of this study is to understand how organizations are dealing with the IT endpoint risk. The study reveals that endpoint security risk is more difficult to manage than ever due to the growing number of employees and other insiders using multiple mobile devices in the workplace. Another challenge organizations face is the increase in personal devices connected to the network and the growing popularity of public cloud services.
Key findings
• Endpoint security risk is more difficult than ever to manage.
Seventy-one percent of respondents say the security threats created
by vulnerabilities to the endpoint have become more difficult to stop
or mitigate.
• In the IT environment, mobility and third party applications are
the greatest security risks. Seventy-five percent of respondents
say mobile devices such as smart phones represent the greatest
risk of potential IT security risk within the IT environment.
• The frequency of malware incidents increases. Forty-four
percent of respondents report a major increase in the number of
malware incidents targeting their endpoints.
• Mobile endpoints are vulnerable to malware attacks. Sixty-eight
percent of respondents say their mobile endpoints have been the
target of malware in the last 12 months.
1/8/14 Ponemon Institute© presentation 5
More key findings
• APTs are attacking endpoints. Forty percent of respondents say
their endpoints have been the entry point for an APT/targeted attack
in the past 12 months.
• Most organizations make endpoint security a priority but
budgets lag behind. In the past 24 months, more respondents say
endpoint security is a priority in their organization’s overall IT
security strategy (65 percent of respondents). However, only 29
percent of respondents say spending will either significantly
increase or increase for endpoint security.
• Malware incidents are straining IT security budgets. Fifty
percent of respondents say their organization’s IT operating
expenses are increasing. Sixty-seven percent say malware incidents
contribute a very significant or significant increase in these
expenses.
1/8/14 Ponemon Institute© presentation 6
Key Findings
What are the biggest threats to endpoint security?Two responses permitted
1/8/14 Ponemon Institute© presentation 8
8%
16%
32%
33%
51%
60%
0% 10% 20% 30% 40% 50% 60% 70%
Employees believe productivity is more important thanthe security of devices
More offsite employees using insecure WiFi
Malware infections are more difficult to detect
More insecure mobile devices in the workplace
More personal devices connected to the network
More multiple mobile devices in the workplace
Greatest IT security risks
1/8/14 Ponemon Institute© presentation 9
40%
43%
45%
66%
75%
0% 10% 20% 30% 40% 50% 60% 70% 80%
Negligent insider risk
Our PC desktop/laptop
Mobile/remote employees
Across 3rd party applications
Mobile devices such as smart phones
IT security risks of greatest concern to the organizationThree choices permitted
1/8/14 Ponemon Institute© presentation 10
18%
30%
30%
31%
36%
28%
47%
6%
25%
28%
35%
39%
44%
55%
0% 10% 20% 30% 40% 50% 60%
Lack of integration between endpoint operations andsecurity technologies
Insufficient budget
Growing volume of malware
Sophistication of cyber attackers
APTs
Use of cloud computing
Increased use of mobile platforms
FY 2013 FY 2012
Applications with the greatest IT riskTop five choices
1/8/14 Ponemon Institute© presentation 11
30%
40%
44%
55%
55%
30%
33%
37%
50%
60%
0% 10% 20% 30% 40% 50% 60% 70%
Apple/Mac OS
General 3rd party applications outside of Microsoft
Microsoft OS/applications
Google Docs
Adobe
FY 2013 FY 2012
The most frequent types of malware incidentsMore than one response permitted
1/8/14 Ponemon Institute© presentation 12
55%
54%
65%
79%
86%
48%
49%
59%
67%
74%
80%
0% 10% 20% 30% 40% 50% 60% 70% 80% 90% 100%
Spear phishing *
Botnet attacks
APTs / Targeted attacks
Rootkits
Web-borne malware attacks
General malware
This response was not an option in FY 2012
FY 2013 FY 2012
What are the most important MDM features?Three choices permitted
1/8/14 Ponemon Institute© presentation 13
1%
38%
39%
44%
43%
70%
65%
0%
32%
35%
38%
52%
70%
73%
0% 10% 20% 30% 40% 50% 60% 70% 80%
Other
Remote wipe capability
Anti-theft features
Encryption and other data loss technologies
Asset tracking
Provisioning and access policy management
Virus and malware detection or prevention
FY 2013 FY 2012
Steps to make BYOD more secureMore than one response permitted
1/8/14 Ponemon Institute© presentation 14
25%
29%
29%
32%
35%
54%
0% 10% 20% 30% 40% 50% 60%
Active discovery of BYOD devices on the network and inexchange/email server logs
Prohibiting exchange activesync through technologicmeans
Voluntary enrollment in MDM solution
Mandatory endpoint protection agent on laptops throughtechnological means
Mandatory enrollment in company MDM solution throughtechnological means
Voluntary installation of endpoint protection agent
How did the organization learn about the APT attack?
1/8/14 Ponemon Institute© presentation 15
2%
21%
24%
53%
0% 10% 20% 30% 40% 50% 60%
Other
Notified by law enforcement
Endpoint security technology alerted us to a possiblebreach
Anomalous exfiltration traffic on the network
How did the APT attack start?More than one response permitted
1/8/14 Ponemon Institute© presentation 16
2%
25%
9%
12%
21%
33%
34%
45%
0% 5% 10% 15% 20% 25% 30% 35% 40% 45% 50%
Other
Unsure
USB key delivery
SQL injection code
Memory based attack
Fraudulently signed code/ digital certificates
Web-based click jacking
Spear phishing emails sent to employees
Will the budget for endpoint security change?
1/8/14 Ponemon Institute© presentation 17
5%
24%
55%
12%
4%
0%
10%
20%
30%
40%
50%
60%
Significantlyincreased
Increased Stayed the same Decreased Significantlydecreased
Do malware incidents increase IT security expenses?
1/8/14 Ponemon Institute© presentation 18
23%
44%
23%
10%
21%
43%
28%
8%
0%
5%
10%
15%
20%
25%
30%
35%
40%
45%
50%
Very significant Significant Some significance None
FY 2013 FY 2012
What technologies will organizations buy? More than one response permitted
1/8/14 Ponemon Institute© presentation 19
37%
33%
34%
48%
50%
20%
26%
33%
33%
40%
0% 10% 20% 30% 40% 50% 60%
Big data analytics
Device control
Mobile device management
DLP (content filtering)
Application control
Today's use rate Use will increase
Software agents & software management user interfaces for endpoint risk management
1/8/14 Ponemon Institute© presentation 20
16%
23%
38%
18%
5%
14%
25%
38%
14%
9%
0%
5%
10%
15%
20%
25%
30%
35%
40%
1 to 2 3 to 5 6 to 10 More than 10 Cannot determine
Number of software agents installed on each endpoint
Number of user interfacesused to manage endpoint operations
Methods
Sample response Freq Pct%
Total sampling frame 19,001 100.0%
Total returns 894 4.7%
Rejected and screened surveys 218 1.1%
Final sample 676 3.6%
1/8/14 Ponemon Institute© presentation 22
Organizational level that best describes your current position
1/8/14 Ponemon Institute© presentation 23
1% 2%
18%
25%
19%
25%
8%2%
Senior Executive
Vice President
Director
Manager
Supervisor
Technician
Staff
Contractor
Primary Person you or your IT security leader reports
1/8/14 Ponemon Institute© presentation 24
53%
25%
12%
4%2% 2% 2%
Chief Information Officer
Chief Information Security Officer
Chief Risk Officer
Compliance Officer
Chief Financial Officer
Chief Security Officer
Other
What industry best describes your organization’s primary industry focus?
1/8/14 Ponemon Institute© presentation 25
21%
12%
12%
11%
9%
8%
5%
4%
4%
3%
3%3%
2% 3%
Financial Services
Health & pharmaceuticals
Public Sector
Services
Retailing
Technology & software
Energy
Consumer products
Entertainment & media
Hospitality
Education & research
Transportation
Communications
Other
Organization’s worldwide headcount
1/8/14 Ponemon Institute© presentation 26
8%
15%
20%
34%
20%
3%
< 500 people
500 to 1,000 people
1,001 to 5,000 people
5,001 to 25,000 people
25,001 to 75,000 people
> 75,000 people
Caveats
1/8/14 Ponemon Institute© presentation 27
There are inherent limitations to survey research that need to be carefully considered before drawing inferences from findings. The following items are specific limitations that are germane to most web-based surveys.
Non-response bias: The current findings are based on a sample of survey returns. We sent surveys to a representative sample of individuals, resulting in a large number of usable returned responses. Despite non-response tests, it is always possible that individuals who did not participate are substantially different in terms of underlying beliefs from those who completed the instrument.
Sampling-frame bias: The accuracy is based on contact information and the degree to which the list is representative of individuals who are IT or IT security practitioners. We also acknowledge that the results may be biased by external events such as media coverage. We also acknowledge bias caused by compensating subjects to complete this research within a holdout period.
Self-reported results: The quality of survey research is based on the integrity of confidential responses received from subjects. While certain checks and balances can be incorporated into the survey process, there is always the possibility that a subject did not provide a truthful response.
Page 28
Questions?
Ponemon InstituteToll Free: 800.887.3118
Michigan HQ: 2308 US 31 N.
Traverse City, MI 49686 USA
research@ponemon.org
Ponemon Institute© presentation
More Information
• Lumension® Endpoint Management
and Security Suite» Online Demo Video:
https://www.lumension.com/endpoint-
management-security-suite/demo.aspx
» Free Trial (virtual or download):https://www.lumension.com/endpoint-
management-security-suite/free-trial.aspx
» Get a Quote (and more)
https://www.lumension.com/get-a-quote.aspx
29
• 5 Years of Endpoint Risk
https://www.lumension.com/2014» 2014 State of Endpoint Risk Report
» What Keeps IT Up All Night Video
» 5 Years of Endpoint Risk Infographic
» Greatest IT Security Risks of 2014 Webcast
On-Demand
top related