New research, by endpoint management company Adaptiva, conducted by Ponemon Institute LLC, shows 50% of endpoints are at risk
600 CISOS, IT SecOps Directors, and Managers report that almost half of devices are vulnerable to attacks because they are undetected by IT or have outdated operating systems.
The survey says that’s despite the $4.25 million the average enterprise spends to protect endpoints, which are defined as remote computing devices that communicate on a network. The report surveyed IT and cybersecurity practitioners at organizations with an average of 13,213 employees and $184.3 million in annual IT spending.
Nearly two-thirds of respondents said lack of visibility into endpoints is their organization’s most significant cybersecurity vulnerability.
Keeping operating systems and applications current is the biggest problem (cited by 62%), followed closely by patches and security updates (59%) and network settings and connectivity issues (50%).
Half said the shift to the remote workforce has made it more challenging to deliver updates and patches.
A big part of the problem is that the number of distribution points organizations use to update connected endpoint devices has grown as the workforce has become more distributed over the last two years.
The average enterprise now has one distribution point for every six connected devices and the average endpoint has seven different management and security agents installed, which complicates visibility and control. Only one-third of respondents said their organizations are effective at reducing distribution point sprawl.
Two-thirds said their organizations lack the resources needed to minimize endpoint risk and they estimate, on average, that they are only equipped to stop at about half of endpoint attacks.
The biggest threat to endpoint security was deemed to be ransomware, followed closely by zero-day or unpatched attacks and distributed denial-of-service attacks.
Email is the most common attack vector, followed by application program interfaces and vulnerabilities introduced by software updates and patches.
Of the 54% of organizations that suffered an average of five endpoint attacks over the past year, mean losses totaled $1.8 million, with downtime being the costliest factor.
The survey indicated that there is a disconnect between IT operations personnel — who are responsible for monitoring endpoints and distributing updates — and the cybersecurity practitioners who are in charge of security policies and respond to incidents.
For example, 57% of operations people said the remote workforce has made it more difficult to deliver updates and patches, compared with 40% of security practitioners. Operations professionals also cited the difficulty of maintaining new operating system and application versions to a much greater degree than their cybersecurity colleagues and were somewhat more likely to say their organizations have established clearly defined roles and accountability for safeguarding sensitive information.