Adaptiva report shows 85% expect a compromising attack in the next year

Adaptiva has released its 2022 Endpoint Security Report (registration required). It comes with some surprising statistics that will worry CISOs and security team leaders. For example, 85% of companies expect a compromising attack within the next 12 months. It also seems that companies are less confident about fending off attacks and responding to incidents.

Kristian Kalsing, Adaptiva’s Chief Product Officer, said, “It’s not easy being in IT right now, especially if you’re responsible for protecting and securing the organization from outside threats as it seems solutions and tools have not kept up with reality and continue to apply old techniques to new challenges.

“With the results of this research, it shows organizations need to rethink their lines of defense as last-generation solutions are fundamentally not working and as paradigms shift in the market, technology paradigms must quickly follow. At Adaptiva we strongly feel that real-time detection, remediation, and delivery of software updates will be necessary to confront the threats of the future.”

Key takeaways from the Adaptiva report

It is not a huge report (18 pages) by anyone’s standards. However, several key takeaways are worth noting.

  • 85% of organizations expect a compromising security attack within the next 12 months. But the level of threat differs. 7% say extremely likely, 18% very likely, 36% moderately likely and 24% slightly likely.
  • 20% have experienced an endpoint attack in the last 12 months that successfully compromised data assets and/or IT infrastructure.
  • The significant impacts of endpoint attacks were loss of user productivity (47%), downtime (40%) and loss of IT productivity (39%).
  • Organisations are experiencing increased threats to their endpoints (66%).
  • Malware is the biggest threat (38%), followed by human error (23%) and zero-day exploits (18%). Interestingly, only 13% named insider threats as an issue.
  • Failure of existing endpoint security products (44%) and threats still slipping through tools (41%) were two reasons for considering a next-gen endpoint security solution.
  • 34% said they had insufficient visibility into what is happening on endpoints.
  • 33% admitted a lack of expertise and capacity to build the right solutions to respond to sophisticated attacks.
  • The perennial shortage of cybersecurity skills (44%) is the most reported security operations challenge, followed by the lack of continuous 24×7 security coverage (38%) and slow incident response (37%).
  • IT teams spend an average of 36 hours on endpoint security monitoring per month.
  • 43% of organizations take at least one week to roll out critical patches – 38% take longer than one week.

An interesting set of responses

Some of the responses above raise additional questions not addressed in this report. For example, how are organisations separating human error and insider threats? Do they have active processes to determine malicious behaviour from accidental? What measures are they taking to address that 13%?

The endpoint responses were also missing clarity. For example, is the assumption that all endpoints are monitored? When work from home hit, people went home and started using personal technology. It would have been interesting to know how many companies had provided endpoint software to their users. Similarly, what were the problems with endpoint visibility? Was it a lack of reporting, analytics or something else?

When attacks occurred, it was surprising that the impact on users (47%) and not the business (28%) was ranked the highest. It suggests that successful attacks are being contained. Additionally, reputation and brand damage (36%) is now being recognised.

Patching is still an area of concern

Patching is still an area of concern, as shown by the time taken to deploy patches. It is unclear whether respondents were referring to endpoint patching or to IT teams patching servers. On endpoints, there is a reliance on the user to allow patching. The report didn’t ask how often users cancel patching or the average length of time by which they delay patches.

The confidence in patches was just as concerning as the delays in patching. 19% were not at all confident in the patches, and only 30% were very confident. It would have been interesting to see these numbers broken down by technology, for example, mobile vs desktop vs browsers vs servers. There has been a significant increase in patch frequency in the mobile OS and browser space, with many out-of-band patches issued. How has that affected user confidence?

Enterprise Times: What does this mean?

This report is packed with numbers but offers little beyond simple analysis. It would have been interesting to see some qualitative research alongside the numbers, if only to answer some of the questions above.

However, the report shows that endpoint security, in particular, is a hot mess. What is the point if it isn’t delivering the right information or analytics? Similarly, understaffed IT teams cannot spend the equivalent of a working week per month on endpoint security and log monitoring. The tools have to do better, which is the point that Adaptiva is, no doubt, looking to enforce.

What would also have been interesting to see was a conversation over the impact of bots. How could they be used to reduce time on repetitive tasks? How open are endpoint security solutions to low-code/no-code tools? What should teams focus on, and what can be done outside the security team? How many companies should be using an MSSP to remove much of this drag on productivity?

This is an interesting report worth reading, even if it is only to benchmark how your organisation is doing.
