Review this presentation as we reveal statistics from the 2012 State of the Endpoint survey, sponsored by Lumension® and conducted by Ponemon Institute. Find out about today's growing insecurity, IT's perceived areas of greatest risk for 2012, and the disconnect between risk and planned security strategies. In addition, we will examine the evolving IT risk environment and recommendations to more effectively and cost-efficiently secure your endpoints.
* How organizations are creating a perfect storm for hackers
* The Top 3 new threats to the workplace
* Perceived risks and corresponding strategies to combat today's evolving endpoint environment
Find out about our reliance on productivity tools, but how inadequate collaboration and resource restrictions for security are creating a perfect storm for hackers.
2. Today’s Agenda
Trends in the Threat Landscape
State of Endpoint Risk:
Latest Survey Results
Summary and Recommendations
Q&A
3. Today’s Panelists
Dr. Larry Ponemon Paul Zimski
Chairman & Founder Vice President, Solution Marketing
Ponemon Institute Lumension
3
4. 2012 Threat Trends
1. State-sponsored cyber crime will become a regular occurrence
2. Social media goes deeper – increasing threats
3. Security will finally arrive for virtualization
4. Anonymous will not go away
5. Mobile devices will come under greater attack
6. VoIP will be used as a covert channel in data breaches
7. Medicare fraud via ID theft will see explosive growth
4
6. Ponemon Institute LLC
• The Institute is dedicated to advancing responsible information management
practices that positively affect privacy and data protection in business and
government.
• In our 10th year, the Institute conducts independent research, educates
leaders from the private and public sectors and verifies the privacy and data
protection practices of organizations.
• Ponemon Institute is a full member of CASRO (Council of American Survey
Research Organizations. Dr. Ponemon serves as CASRO’s chairman of
Government & Public Affairs Committee of the Board.
• The Institute has assembled more than 60+ leading multinational corporations
called the RIM Council, which focuses the development and execution of
ethical principles for the collection and use of personal data about people and
households.
6
7. Project Summary
The purpose of this study is to determine
how effective organizations are in the Survey response Freq. Pct%
protection of their endpoints and what
they perceive are the biggest obstacles to Total sampling frame 18,986 100.0%
reducing risk.
Total Returns 911 4.8%
Our study involves 688 respondents
located in the United States who are
Rejected surveys 80 .4%
deeply involved in their organization’s IT
function. Final sample 831 4.4%
All results were collected during August or
September 2011. Final sample after screening 688 3.6%
7
8. What organizational level best describes your current position
Forty-seven percent of responders are managers or hold higher level positions
within their organizations.
4% 1% 1% 1%
10%
22% Senior Executive
Vice President
Director
Manager
20% Supervisor
Technician
Staff
Contractor
23% Other
18%
8
9. Industry distribution of the 688 respondents
The largest sectors include financial services, public sector and healthcare
organizations.
Financial Services
3% 2%1%
3% Public Sector
18%
3%
Health & pharmaceuticals
4% Services
Technology & software
4%
Retailing
4% Education & research
12% Communications
5% Industrial
Hospitality
Entertainment & media
6% Transportation
10% Energy
Defense
8%
Consumer products
8% 9%
Agriculture
9
10. What is the worldwide headcount of your organization?
The majority of the respondents are from organizations with a worldwide headcount greater
than 5,000 people.
35%
31%
30%
25%
22%
21%
20%
16%
15%
10%
5% 5%
5%
0%
Less than 500 500 to 1,000 1,001 to 5,000 5,001 to 25,000 25,001 to 75,000 More than
people people people people people 75,000 people
10
11. Attributions About Endpoint Security
Forty-one percent of business executives support endpoint security operations. Only 35 percent of
respondents have ample resources to minimize risk.
Business executives are supportive of our
18% 23%
organization’s endpoint security operations.
We have ample resources to minimize IT
15% 20%
endpoint risk.
Laptops and other mobile data-bearing devices
are secure and do not present a significant 11% 15%
security risk.
0% 10% 20% 30% 40% 50%
Strongly agree Agree
11
12. What best describes how IT operations and IT security work together?
Only 12 percent of those surveyed indicate their IT operations and IT security work well together.
60%
50% 48%
40%
40%
30%
20%
12%
10%
0%
Collaboration is adequate, but Collaboration is poor or non- Collaboration is excellent
can be improved existent
12
13. Is your IT network more secure now than it was a year ago?
The study finds that the majority of respondents believe their organizations’ endpoints are vulnerable to
attacks. Compared to last year, 66 percent of respondents say their organizations’ IT networks are not
more secure or are unsure (41 percent + 25 percent).
45%
41%
40%
36% 36%
35% 34%
30% 28%
25%
25%
20%
15%
10%
5%
0%
Yes No Unsure
FY 2011 FY 2010
13
14. How many malware attempts or incidents does your IT organization
deal with monthly?
More than 75 percent of respondents experienced 26 to 50+ malware incidents per month.
50%
45% 43%
40%
35%
35% 32%
30% 27%
25%
21%
20%
15% 13%
11%
9%
10%
6%
5% 3%
0%
Less than 5 5 to 10 11 to 25 26 to 50 More than 50
FY 2011 FY 2010
14
15. Have your malware incidents increased over the past year?
Thirty-one percent of respondents say there has been a major increase in malware attacks and 22
percent say there has been a slight increase over the past year. Only 8 percent of respondents believe
malware attacks have decreased over the past year.
35%
31%
30% 28%
25% 25%
25%
22%
21%
20%
17%
15% 14%
10% 9%
8%
5%
0%
Not sure No, they have No, they stayed the Yes, but only slight Yes, major increase
decreased same increase
FY 2011 FY 2010
15
16. Where is the greatest rise of potential IT risk? (Top 5 choices)
Compared to last year, 39 percent more respondents identify mobile devices as having the greatest
potential for IT security risks.
Mobile devices such as smart phones
39%
(Blackberry, iPhone, IPad, Android)
Removable media (USB sticks) and/or media
32%
(CDs, DVDs)
Cloud computing infrastructure and providers 25%
Across 3rd party applications (vulnerabilities) 11%
Virtual computing environments (servers, endpoints) 8%
0% 5% 10% 15% 20% 25% 30% 35% 40% 45%
16
17. Which one incident represents your biggest headache?
The top three incidents that present the most difficult challenges for respondents are zero day attacks (23
percent) targeted attacks (22 percent) and SQL injection (21 percent).
40%
*FY 2010 survey did not contain this choice 35%
35%
30%
25% 23% 22% 23%
21%
20%
16%
15%
10% 11% 11%
10%
5%
0%
Exploit of software Exploit of software SQL injection Targeted attacks* Zero day attacks
vulnerability greater vulnerability less
than 3 months old than 3 months old
FY 2011 FY 2010
17
18. Which are the greatest IT security risks next year? (Top 3
concerns)
The below chart lists in descending order what respondents perceive as the five most serious security
risks their organizations will face in the near future. Respondents predict the top three IT security risks
in the next 12 months will be:
Increased use of mobile platforms (smart
36%
phones, iPads)
Insufficient budget resources 32%
Use of insecure cloud computing resources 31%
Growing volume of malware 29%
Negligent insider risk 28%
0% 5% 10% 15% 20% 25% 30% 35% 40%
18
19. Use of the following technologies will increase over the next 12
months.
Respondents indicate that their use of application control whitelisting and firewall will increase
more than 50 percent.
Application control/whitelisting (endpoint) 56%
Application control firewall (gateway) (NGFW) 55%
Endpoint management and security suite
46%
(integrated technologies like AV, patch, etc.)
Mobile device management 45%
Security Event and Incident Management
38%
(SIEM)
Network access control (NAC) 30%
Data loss/leak prevention (content filtering) 29%
0% 10% 20% 30% 40% 50% 60%
19
20. What was the change in use in the following technologies?
Application control/whitelisting (endpoint) 7%
Endpoint management and security suite
7%
(integrated technologies like AV, patch, etc.)
Device control (removable media
5%
i.e., USB, CD/DVD)
Whole disk encryption 4%
Application control firewall (gateway) (NGFW) 2%
Anti-virus 2%
0% 2% 4% 6% 8%
20
21. How has the effectiveness of the following technologies
changed?
Anti-virus and anti-malware had the largest decline in effectiveness. Respondents indicated a
17 percent decline in effectiveness.
-10% Application control firewall (gateway) (NGFW)
-11% Network access control (NAC)
-13% Device control (USB, removable media)
-15% Patch & remediation management
-15% Vulnerability assessment
-16% Endpoint firewall
-17% Anti-virus & anti-malware
-18% -16% -14% -12% -10% -8% -6% -4% -2% 0%
21
22. How concerned are you about Mac malware infections?
Eighty-five percent of Mac users surveyed indicate that they are increasingly or very concerned about
malware infections.
50%
45% 44%
41%
40%
35%
30%
25%
20%
15% 12%
10%
5% 3%
0%
Unsure Not at all concerned Increasingly concerned Very concerned
22
23. Is your IT organization’s operating cost increasing?
Forty-three percent of responders indicated their IT operating costs are increasing.
60%
50% 48%
46%
43%
41%
40%
30%
20%
11% 11%
10%
0%
Yes No Unsure
FY 2011 FY 2010
23
24. To what extent are malware incidents to blame?
Sixty-three percent of survey responses indicate malware as significantly or very significantly
contributing to the increase in IT expense.
45%
41% 40%
40%
35% 32%
30% 29%
25% 22%
20%
15% 14% 14%
10% 8%
5%
0%
Very significant Significant Some significance None
FY 2011 FY 2010
24
25. How effective is your current anti-virus/anti-malware technology?
Only 44 percent of responders consider their anti-virus/anti-malware technology to be somewhat or
very effective.
40%
*FY 2010 survey did not contain this choice
35% 33% 34%
30%
30% 28%
26%
25%
21%
20%
15%
11% 12%
10%
5%
5%
0%
Very effective Somewhat effective Somewhat Not effective at all Cannot determine*
ineffective
FY 2011 FY 2010
25
26. Does the virtualization platform require your organization to deploy
additional security measures?
No, 45%
Yes, 55%
26
27. Who provides these additional security measures?
A combination of the virtualization and security
34%
technology vendors
The virtualization vendor 30%
A security technology vendor (virtualization security
29%
component)
Unsure 5%
Other (please specify) 2%
0% 5% 10% 15% 20% 25% 30% 35% 40%
27
28. Does your organization have a cloud strategy?
Sixty-two percent of responders do not have a cloud strategy.
Unsure, 21%
Yes, 38%
No, 41%
28
29. In regards to mobile device management, what are the three most
important to your organization’s needs?
Provisioning and access policy
62%
management
Virus and malware detection or
55%
prevention
Encryption and other data loss
49%
technologies
Asset tracking 47%
Anti-theft features 42%
Remote wipe capability 41%
Other (please specify) 3%
0% 20% 40% 60% 80%
29
30. Is your organization planning to expand its use of application
control/whitelisting technologies within the next 12 months?
Sixty-three percent of responders are planning to expand their use of application control/whitelisting
technologies.
35%
32%
31%
30%
25%
25%
20%
15%
12%
10%
5%
0%
Yes, with certainty Yes, likely to do so No Unsure
30
31. Does your organization have an integrated endpoint security suite?
Almost half (46 percent) of those surveyed plan to invest in an integrated endpoint security suite.
50%
46%
45%
40%
35% 33%
30%
25%
21%
20%
15%
10%
5%
0%
Yes No, but expects to within the next No
12-24 months
31
32. How many software agents does your organization typically have
installed to perform management, security and/or other operations?
Forty-nine percent of responders have 6 or more software agents installed.
45%
40% 39%
35%
30%
25% 23%
20% 18%
15%
10% 10%
10%
5%
0%
1 to 2 3 to 5 6 to 10 More than 10 Cannot determine
32
33. How many different software management consoles does your
organization use?
35%
30%
30% 29%
25% 23%
20%
15%
10% 9% 9%
5%
0%
1 to 2 3 to 5 6 to 10 More than 10 Cannot determine
33
34. Summary of Findings
• Current approaches to endpoint security are ineffective and costly.
• Organizations do not feel more secure than they did last year.
» This is mainly due to the use of ineffective technology solutions when better,
more effective/efficient technologies exist but are not heavily implemented.
• IT operating expenses are increasing and a main driver of those costs is
tied directly to an increase in malware incidents.
» Most respondents consider malware a significant factor in those cost drivers.
• Malware continues to be on the rise with attack vectors focused more on
third-party and web-based applications.
34
35. More Information
• Data Privacy Day 2012 2012 State of the Endpoint Report
» http://www.lumension.com/2012-Data-Privacy-
Day.aspx http://www.lumension.com/2012-state-of-the-
endpoint.aspx
• Quantify Your IT Risk with Free
Scanners
» http://www.lumension.com/special-offer/
premium-security-tools.aspx
• Lumension® Endpoint Management
and Security Suite
» Demo:
http://www.lumension.com/endpoint-
management-security-suite/demo.aspx
» Evaluation:
http://www.lumension.com/endpoint-
management-security-suite/free-trial.aspx
35