Contenu connexe Similaire à Greatest It Security Risks of 2014: 5th Annual State of Endpoint Risk (20) Greatest It Security Risks of 2014: 5th Annual State of Endpoint Risk1. 2014 State of Endpoint Risk
Sponsored by Lumension Corporation
Presentation by Dr. Larry Ponemon
January 8, 2014
4. Ponemon Institute LLC
The Institute is dedicated to advancing responsible information management
practices that positively affect privacy, data protection and information security in
business and government.
The Institute conducts independent research, educates leaders from the private
and public sectors and verifies the privacy and data protection practices of
organizations.
Ponemon Institute is a full member of CASRO (Council of American Survey
Research organizations). Dr. Ponemon serves as CASRO’s chairman of
Government & Public Affairs Committee of the Board.
The Institute has assembled more than 65+ leading multinational corporations
called the RIM Council, which focuses the development and execution of ethical
principles for the collection and use of personal data about people and
households.
The majority of active participants are privacy or information security leaders.
1/8/14
Ponemon Institute: Private and Confidential
3
5. About this research
The purpose of this study is to understand how organizations
are dealing with the IT endpoint risk. The study reveals that
endpoint security risk is more difficult to manage than ever due
to the growing number of employees and other insiders using
multiple mobile devices in the workplace. Another challenge
organizations face is the increase in personal devices
connected to the network and the growing popularity of public
cloud services.
1/8/14
Ponemon Institute© presentation
4
6. Key findings
•
•
•
•
1/8/14
Endpoint security risk is more difficult than ever to manage.
Seventy-one percent of respondents say the security threats created
by vulnerabilities to the endpoint have become more difficult to stop
or mitigate.
In the IT environment, mobility and third party applications are
the greatest security risks. Seventy-five percent of respondents
say mobile devices such as smart phones represent the greatest
risk of potential IT security risk within the IT environment.
The frequency of malware incidents increases. Forty-four
percent of respondents report a major increase in the number of
malware incidents targeting their endpoints.
Mobile endpoints are vulnerable to malware attacks. Sixty-eight
percent of respondents say their mobile endpoints have been the
target of malware in the last 12 months.
Ponemon Institute© presentation
5
7. More key findings
•
•
•
1/8/14
APTs are attacking endpoints. Forty percent of respondents say
their endpoints have been the entry point for an APT/targeted attack
in the past 12 months.
Most organizations make endpoint security a priority but
budgets lag behind. In the past 24 months, more respondents say
endpoint security is a priority in their organization’s overall IT
security strategy (65 percent of respondents). However, only 29
percent of respondents say spending will either significantly
increase or increase for endpoint security.
Malware incidents are straining IT security budgets. Fifty
percent of respondents say their organization’s IT operating
expenses are increasing. Sixty-seven percent say malware incidents
contribute a very significant or significant increase in these
expenses.
Ponemon Institute© presentation
6
9. What are the biggest threats to
endpoint security?
Two responses permitted
More multiple mobile devices in the workplace
60%
More personal devices connected to the network
51%
More insecure mobile devices in the workplace
33%
Malware infections are more difficult to detect
32%
More offsite employees using insecure WiFi
16%
Employees believe productivity is more important than
the security of devices
8%
0%
1/8/14
10%
20%
Ponemon Institute© presentation
30%
40%
50%
60%
70%
8
10. Greatest IT security risks
Mobile devices such as smart phones
75%
Across 3rd party applications
66%
Mobile/remote employees
45%
Our PC desktop/laptop
43%
Negligent insider risk
40%
0%
1/8/14
10%
20%
30%
Ponemon Institute© presentation
40%
50%
60%
70%
80%
9
11. IT security risks of greatest concern
to the organization
Three choices permitted
55%
Increased use of mobile platforms
47%
44%
Use of cloud computing
28%
39%
36%
APTs
35%
31%
Sophistication of cyber attackers
28%
30%
Growing volume of malware
25%
Insufficient budget
30%
Lack of integration between endpoint operations and
security technologies
6%
18%
0%
FY 2013
1/8/14
10%
20%
30%
40%
50%
60%
FY 2012
Ponemon Institute© presentation
10
12. Applications with the greatest IT risk
Top five choices
60%
Adobe
55%
50%
Google Docs
55%
37%
Microsoft OS/applications
44%
33%
General 3rd party applications outside of Microsoft
40%
30%
Apple/Mac OS
30%
0%
FY 2013
1/8/14
10%
20%
30%
40%
50%
60%
70%
FY 2012
Ponemon Institute© presentation
11
13. The most frequent types of malware
incidents
More than one response permitted
80%
General malware
86%
74%
79%
Web-borne malware attacks
67%
65%
Rootkits
59%
54%
APTs / Targeted attacks
49%
Botnet attacks
55%
48%
Spear phishing *
0%
10%
20%
30%
40%
50%
60%
70%
80%
90%
100%
This response was not an option in FY 2012
FY 2013
1/8/14
FY 2012
Ponemon Institute© presentation
12
14. What are the most important MDM
features?
Three choices permitted
73%
Virus and malware detection or prevention
65%
70%
70%
Provisioning and access policy management
52%
Asset tracking
43%
38%
Encryption and other data loss technologies
44%
35%
39%
Anti-theft features
32%
Remote wipe capability
Other
38%
0%
1%
0%
10%
FY 2013
1/8/14
20%
30%
40%
50%
60%
70%
80%
FY 2012
Ponemon Institute© presentation
13
15. Steps to make BYOD more secure
More than one response permitted
Voluntary installation of endpoint protection agent
54%
Mandatory enrollment in company MDM solution through
technological means
35%
Mandatory endpoint protection agent on laptops through
technological means
32%
Voluntary enrollment in MDM solution
29%
Prohibiting exchange activesync through technologic
means
29%
Active discovery of BYOD devices on the network and in
exchange/email server logs
25%
0%
1/8/14
10%
Ponemon Institute© presentation
20%
30%
40%
50%
60%
14
16. How did the organization learn about the
APT attack?
Anomalous exfiltration traffic on the network
53%
Endpoint security technology alerted us to a possible
breach
24%
Notified by law enforcement
21%
Other
2%
0%
1/8/14
10%
Ponemon Institute© presentation
20%
30%
40%
50%
60%
15
17. How did the APT attack start?
More than one response permitted
Spear phishing emails sent to employees
45%
Web-based click jacking
34%
Fraudulently signed code/ digital certificates
33%
Memory based attack
21%
SQL injection code
12%
USB key delivery
9%
Unsure
25%
Other
2%
0%
1/8/14
5%
10%
15%
20%
Ponemon Institute© presentation
25%
30%
35%
40%
45%
50%
16
18. Will the budget for endpoint security
change?
60%
55%
50%
40%
30%
24%
20%
12%
10%
5%
4%
0%
Significantly
increased
1/8/14
Increased
Stayed the same
Ponemon Institute© presentation
Decreased
Significantly
decreased
17
19. Do malware incidents increase IT
security expenses?
50%
44%
45%
43%
40%
35%
30%
25%
28%
23%
23%
21%
20%
15%
10%
10%
8%
5%
0%
Very significant
Significant
FY 2013
1/8/14
Some significance
None
FY 2012
Ponemon Institute© presentation
18
20. What technologies will organizations
buy?
More than one response permitted
40%
Application control
50%
33%
DLP (content filtering)
48%
33%
Mobile device management
34%
26%
Device control
33%
20%
Big data analytics
37%
0%
10%
20%
Today's use rate
1/8/14
30%
40%
50%
60%
Use will increase
Ponemon Institute© presentation
19
21. Software agents & software
management user interfaces for
endpoint risk management
40%
38%
38%
35%
30%
25%
25%
23%
20%
18%
16%
15%
14%
14%
9%
10%
5%
5%
0%
1 to 2
3 to 5
6 to 10
More than 10
Cannot determine
Number of software agents installed on each endpoint
Number of user interfacesused to manage endpoint operations
1/8/14
Ponemon Institute© presentation
20
23. Sample response
Freq
Total sampling frame
Pct%
19,001
100.0%
Total returns
894
4.7%
Rejected and screened surveys
218
1.1%
Final sample
676
3.6%
1/8/14
Ponemon Institute© presentation
22
24. Organizational level that best
describes your current position
8%
2% 1% 2%
Senior Executive
18%
Vice President
Director
Manager
25%
Supervisor
Technician
Staff
25%
Contractor
19%
1/8/14
Ponemon Institute© presentation
23
25. Primary Person you or your IT
security leader reports
4%
2%
2% 2%
Chief Information Officer
12%
Chief Information Security Officer
Chief Risk Officer
Compliance Officer
53%
Chief Financial Officer
Chief Security Officer
25%
1/8/14
Other
Ponemon Institute© presentation
24
26. What industry best describes your
organization’s primary industry
focus?
3%
2% 3%
3%
Financial Services
21%
3%
Health & pharmaceuticals
Public Sector
4%
Services
4%
Retailing
Technology & software
Energy
5%
12%
Consumer products
Entertainment & media
Hospitality
8%
Education & research
Transportation
12%
9%
Communications
Other
11%
1/8/14
Ponemon Institute© presentation
25
28. Caveats
There are inherent limitations to survey research that need to be carefully considered
before drawing inferences from findings. The following items are specific limitations
that are germane to most web-based surveys.
Non-response bias: The current findings are based on a sample of survey returns. We
sent surveys to a representative sample of individuals, resulting in a large number of
usable returned responses. Despite non-response tests, it is always possible that
individuals who did not participate are substantially different in terms of underlying
beliefs from those who completed the instrument.
Sampling-frame bias: The accuracy is based on contact information and the degree to
which the list is representative of individuals who are IT or IT security practitioners.
We also acknowledge that the results may be biased by external events such as
media coverage. We also acknowledge bias caused by compensating subjects to
complete this research within a holdout period.
Self-reported results: The quality of survey research is based on the integrity of
confidential responses received from subjects. While certain checks and balances can
be incorporated into the survey process, there is always the possibility that a subject
did not provide a truthful response.
1/8/14
Ponemon Institute© presentation
27
30. More Information
• 5 Years of Endpoint Risk
https://www.lumension.com/2014
»
»
»
»
2014 State of Endpoint Risk Report
What Keeps IT Up All Night Video
5 Years of Endpoint Risk Infographic
Greatest IT Security Risks of 2014 Webcast
On-Demand
• Lumension® Endpoint Management
and Security Suite
» Online Demo Video:
https://www.lumension.com/endpointmanagement-security-suite/demo.aspx
» Free Trial (virtual or download):
https://www.lumension.com/endpointmanagement-security-suite/free-trial.aspx
» Get a Quote (and more)
https://www.lumension.com/get-a-quote.aspx
29