State of Endpoint Security Risk study shows that 80 percent of successful breaches are from zero-day exploits
- Published: Monday, 03 February 2020 10:43
A new study released by Ponemon Institute finds that organizations are not making progress in reducing their endpoint security risk, especially against new and unknown threats. The Third Annual Ponemon Institute Study on the State of Endpoint Security Risk, sponsored by Morphisec, found that 68 percent IT security professionals say their company experienced one or more endpoint attacks that compromised data assets or IT infrastructure in 2019, an increase from 54 percent of respondents in 2017. Of those incidents that were successful, 80 percent were new or unknown, zero-day attacks. These attacks either involved the exploitation of undisclosed vulnerabilities or the use of new malware variants that signature-based, detection solutions do not recognize.
Zero-day attacks continue to increase in frequency and are expected to more than double in the coming year. These attacks are also inflicting more bottom-line business damage. The study found that the average cost per endpoint breach increased to $9M in 2019, up more than $2M since 2018.
“Corporate endpoint breaches are skyrocketing and the economic impact of each attack is also growing due to sophisticated actors bypassing enterprise antivirus solutions,” said Larry Ponemon, Chairman and Founder of Ponemon Institute. “Over half of cyber security professionals say their organizations are ineffective at thwarting major threats today because their endpoint security solutions are not effective at detecting advanced attacks.”
The study surveyed 671 IT security professionals responsible for managing and reducing their organization’s endpoint security risk. In addition to expressing concern over zero-day threats, respondents noted increasing vulnerability during patch gaps. In fact, 40 percent of companies say it’s taking longer to patch, with an average patch gap of 97 days due to the number of patches and their complexity.
Patch exploits will continue to be a hot-button issue in 2020 as the last remaining organizations upgrade to Windows 10 on the heels of Windows 7 end of life, and patch frequency increases. However, the shift to Windows 10 is also ushering in new enterprise security strategies that can be effective in thwarting more advanced threats. With Windows Defender Antivirus (AV) built into the Windows 10 operating system, 80 percent of organizations report using or planning to use Devender AV for savings over their legacy antivirus solution. Cost savings are being reallocated towards an added layer of advanced threat protection in endpoint stacks and an increase in IT resources. Over half (51 percent) of cyber security professionals say they’ve added an extra layer of security to their antivirus solutions. Furthermore, since 2017 the number of IT departments reporting they have ample resources to minimize endpoint threats has increased from 36 percent to 44 percent.