There is virtually universal recognition of the risk created by constantly evolving, increasingly dangerous cybersecurity threats. But even the most deep-pocketed organizations with the most talented security teams and advanced security tools continue to make headlines because their systems were compromised. From Dunkin Donuts to Fortnite to BlackRock, 2019 is already shaping up to be a big year for data breaches.
For more depressing news, we turn to the 2018 State of Endpoint Security Risk report from Ponemon Institute. From a 10,000-foot view, we see more frequent attacks, more sophisticated attacks, a higher number of successful attacks, higher costs per data breach, and organizations that seem almost helpless against hackers. Let’s dig into the specifics.
Overall, endpoint attack frequency is up, and more organizations have been compromised. Sixty-three percent of survey respondents said their organization has been attacked more often in the past 12 months. Sixty-four percent said their organization suffered one or more data breaches, up from 54 percent in the previous year.
The average cost of a successful endpoint attack increased from $5 million in 2017 to $7.12 million in 2018. The cost per endpoint for small to midsize businesses ($763) is much higher than the cost for enterprises ($440). The biggest financial consequences of a data breach involve lost productivity, theft of data assets, downtime, damage to infrastructure, reputation damage, and lawsuits, fines and regulatory actions.
Unknown threats are causing the biggest headaches and most organizations can’t stop them. Seventy percent of survey respondents believe unknown, new or zero-day attacks have significantly increased. These types of threats are four times more likely than known threats (76 percent vs. 19 percent) to cause a data breach. However, only 47 percent of survey respondents said their organizations are investing in endpoint security tools that can stop unknown threats.
Most organizations don’t think they’re capable of stopping endpoint attacks, and the data shows they’re probably right. Only four in 10 respondents said they have ample resources to minimize endpoint risk. On average, respondents said their current antivirus solution misses 57 percent of attacks. Part of the problem is the snail-like pace of patching. The average time to deploy a patch is 102 days, which is useless against unknown attacks and may not be fast enough to catch known threats.
The current state of endpoint risk, and the lack of confidence of security professionals can be summed up in one statement. On average, survey respondents believe 52 percent of attacks cannot realistically be stopped.
For smaller organizations, managing IT security with tools and threats that are constantly changing is typically too much for internal teams to handle. The only viable approach is to partner with a managed services provider. Managed services from Verteks includes 24x7 monitoring and management of your IT environment. We can assist with modern antivirus software, email security, next-generation firewalls and other tools that are capable of detecting new threats. Our analysts will then investigate alerts, respond to threats and provide reports that give you visibility into the security of your network.
Let us show you how Verteks managed services can help you get a handle on endpoint security by keeping systems up to date, implementing advanced security tools, responding immediately to suspicious activity, and stopping unknown threats before they do serious damage.
