With more than 200 different products from 125 vendors to solve the top 20 security controls (deep breath), there’s no shortage of information security tools in the market. Organizations are building defensive arsenals with these tools, but the intruders are still slipping through the digital “doors and windows” left open and unlocked by the organization.
Why predict the next threat when you can confidently address the root cause of the problem? First, identify what needs to be managed and secured within an environment, then work to proactively secure every asset with the appropriate patches and security configuration controls. It’s the first thing we say to our customers: you can’t secure what you can’t manage, and you can’t manage what you don’t know about.
A new study reveals organizations are wasting an average of $6 million on the time to detect and contain insecure endpoints, among other staggering findings that show endpoint threats are a growing concern, companies are not efficiently protecting their proprietary data, and the cost and complexity of reducing endpoint risks are at an all-time high.
The research did not take into account the liability associated with increased risks of data breaches that are becoming all too commonplace as workers place data at risk on laptops, mobile phones and tablets.
Key findings from the study include the following:
- 56% of companies lack a cohesive compliance strategy,
- 70% report a “below average” ability to minimize endpoint failure damages.
- 28 percent of respondents say their organizations rely upon automated analysis and inspection to determine compliance.
- 63% could not monitor endpoint devices when they left the corporate network
- 53% of companies reveal that malware infected endpoints have increased in the last 12 months.
- Respondents believe automation increases efficiency and offers better visibility of dark endpoints: It costs organizations an average of $1.37 million annually in wasted time responding to erroneous malware alerts. Enterprises could save nearly $2.1 million annually with automated endpoint security solutions.
This study along with recent ransomware attacks and high-profile data breaches show the danger of today’s endpoint blind spots, and underscore that automation and newer approaches to endpoint security are key to safeguarding endpoints and the sensitive data on them for optimal business performance.
Adobe: 2,771 critical vulnerabilities (CVSS 5 or higher) with 98.9% of endpoints running vulnerable version of Shockwave. 91% had vulnerable versions of Flash.
Java: 106 distinct versions of Java detected with 97.8% of endpoints impacted by vulnerabilities.
Windows Patches: 77% of machines were missing six or more critical updates, with 1.6 million missing patches in all and 2007 being the oldest reported missing critical patch — a nearly 10 year old missing critical patch.
SCCM: 20% of machines with unhealthy SCCM clients.
After an Assessment, the end of the story isn’t just fixing your patches and closing your vulnerabilities. An assessment report is simply a snapshot of today. If it’s the end of your actions, you’ll find yourself in the exact same position soon enough if your tools and workflows aren’t corrected. Therefore, it is necessary to establish a process and measure the effectiveness for continual improvement.
No comments:
Post a Comment