“This annual study is conducted by Ponemon Institute to understand trends and changes in endpoint risk in organizations.”
” An endpoint can include servers, desktops,laptops, smartphones, and even printers, ATMs and PoS devices. We surveyed 694 US IT and IT security practitioners who are involved in endpoint security in a variety of organizations…”
This is a comprehensive analysis of the data breaches reported to the office of the Attorney General of California.
“In the last four years, nearly 50 million records of Californians have been breached and the majority of these breaches resulted from security failures. Furthermore, nearly all of the exploited vulnerabilities, which enabled these breaches, were compromised more than a year after the solution to patch the vulnerability was publicly available. It is clear that many organizations need to sharpen their security skills, trainings, practices, and procedures to properly protect consumers.”
The report from Cisco offers that “organizations are unprepared for future strains of more sophisticated ransomware. Fragile infrastructure, poor network hygiene, and slow detection rates are providing ample time and air cover for adversaries to operate. According to the report’s findings, the struggle to constrain the operational space of attackers is the biggest challenge facing businesses and threatens the underlying foundation required for digital transformation. Other key findings in the MCR include adversaries expanding their focus to server-side attacks, evolving attack methods and increasing use of encryption to mask activity.”
“The Cisco 2016 Midyear Cybersecurity Report examines the latest threat intelligence gathered by Cisco Collective Security Intelligence. The report provides data-driven industry insights and cybersecurity trends from the first half of the year, along with actionable recommendations to improve security posture. It is based on data from a vast footprint, amounting to a daily ingest of over 40 billion points of telemetry…see the press release from Cicso or read the full report.
“To understand the challenges and threats facing businesses today, Kaspersky Lab conducted a global research study of 4,395 business executives across 25 countries in conjunction with B2B International – asking them a series of questions around their perception of IT security threats, the reality of the threat environment and the impact of data breaches upon operations.”
“The effectiveness and value of traditional endpoint security solutions, especially those that rely on signature-based detection mechanisms, have been in question for some time. However, with advanced malware now featuring countless tricks – such as polymorphism, active sandbox deception, and the ability to erase all traces of its presence after striking – the answer is clearly in.”
“Specifically, our data shows that a whopping 86.1% of respondent organizations are not satisfied with their current endpoint protection software (see Figure 26). This figure is up from 67.3% last year, and is most pronounced for respondents from Japan (93.2%) and the telecom/technology (90.8%) and retail sectors (90.3%).”
“Although respondents from Germany (76.2%) and the government (75.4%) and education verticals (77.4%) expressed the least amount of interest in making a change, it’s still pretty clear that they, too, are not exactly satisfied with the status quo.”
“Finally, among organizations reported to be looking for something new, there is roughly a 50:50 split between those intending to replace their incumbent endpoint protection solution and those merely looking to augment it. Any way you cut it, however, these results point to a segment of the security market on the verge of revolution – one where incumbent providers are far from safe as so-called next-generation endpoint security solutions are poised to grab a significant piece of the pie.”
“On the positive side of the ledger, anecdotal evidence indicates that cyber-security is now a board-level topic/concern for more organizations than at any time in the past. The fact that security budgets are both healthy and growing is also an encouraging sign (see Figures 1 and 23). Having additional funding at their disposal should enable enterprise security teams not only to fll known gaps in their organization’s defenses, but also to start getting ahead in the game.”