Bromium Black Hat Survey: Endpoint Risk Five Times Greater Than Network or Cloud

Author: No Comments Share:

Today, Bromium published “Black Hat 2015: State of Security,” a report that analyzes the results of a survey of more than 100 information security professionals at Black Hat 2015.

Key findings from “Black Hat 2015: State of Security” include:

  • The Endpoint Is the Source of Greatest Security Risk — The majority of information security professionals cited the endpoint as the source of the greatest security risk (55 percent). The second most common response was insider threats (27 percent). Network (9 percent) and cloud (9 percent) were selected less frequently.

  • Security Professionals Pan Flash — The overwhelming majority of security professionals believe their organization would be more secure if it disabled Flash (90 percent); however, 41 percent believe disabling Flash would make their organization less productive or break critical applications.

  • Implementing Security Patches Is a Challenge — The majority of organizations implement patches for zero-day vulnerabilities in software, such as Flash and Internet browsers, in the first week (50 percent first week; 10 percent first day); however, 22 percent take more than a month to deploy.

  • Critical Infrastructure Is at Risk of Cyber Attack — The majority of Black Hat attendees cited financial services (30 percent), energy (17 percent), healthcare (17 percent) and government (12 percent) as the verticals at the most risk of cyber attacks. Interestingly, financial services was also selected as the vertical that has implemented the best security practices (60 percent).

  • Windows 10 Improves Security, But Not Enough — The majority of information security professionals believe Windows 10 improves security (56 percent), but many (33 percent) believe these improvements are not enough.

Most notably, information security professionals find the endpoint is by far the source of the greatest security risk. This is only logical when you consider how frequently end users connect to untrusted networks such as hotels and coffee shops. Even more concerning is the end user’s tendency to click on any Web site and open any email, which are the most common sources of malware.

The survey illustrates the challenge with hardening against malware attack vectors. If 90 percent of information security professionals think their organization would be more secure with Flash disabled, why don’t they disable Flash? The unfortunate reality is that security often takes second priority to operations. A fact further illustrated by 40 percent of information security professionals noting that disabling Flash would break critical applications. Likewise, 22 percent of information security professionals have to wait more than a month to implement critical patches – most likely because of operations teams.

The end result is an increased risk of cyber attack on critical infrastructure, financial services in particular. The good news is that financial services are well prepared; financial services are typically more tech savvy and early adopters of new technology.

Speaking of new technology, the majority of information security professionals seem happy with Windows 10. Windows 10 adds better sandboxing and whitelisting capabilities, but security pros still feel it is inadequate due to the latent attack surface.

Bromium vSentry addresses many of the challenges with micro-virtualization to isolate threat. Threat isolation prevents data breaches by maintaining a strict separation between user tasks and the system host. Even unpatched zero days cannot be exploited to any permanent gain. The battle for the endpoint continues to wage and information security professionals are right to be concerned with the risk, but Bromium is here to help.

Previous Article

Why Malvertising Matters

Next Article

Breaking the Unbreakable Comb: The Importance of Bug Bounty Programs

You may also like