b-2012 endpt sec best practices survey results wp.en-us
8/13/2019 B-2012 Endpt Sec Best Practices Survey Results WP.en-us
2012 Endpoint Security Best Practices Survey
GLOBAL RESULTS
CONTENTS
Executive Summary
Methodology
Finding 1: Top tier organizations fare better against attacks
Finding 2: Top tier organizations employ the latest in endpoint protection practices
Finding 3: Attacks against endpoints are costly
Symantec Recommendations
Executive Summary
The threat landscape is evolving as cybercriminals become more sophisticated, stealthy
and insidious with their attacks. The sheer volume of attacks is staggering: in 2010 alone,
Symantec blocked 3.1 billion attacks. Approximately 144,000 malicious files are detected
each day, which translates to a rate of more than 4.3 million each month.
The traditional endpoint security tool, antivirus software, is no longer effective on
a stand-alone basis. Of those 3.1 billion blocked attacks, roughly half were stopped by
intrusion prevention technologies inside the organization's endpoint security software,
proving that while signature-based antivirus plays a critical role in preventing threats, it's
no longer an exclusive role.
Second, IT departments are dealing with a change in the number of endpoints as
employees are bringing an increasing number of devices into the workplace. Once
restricted to PCs on the desk and servers in the data center, the term now covers laptops,
smartphones, tablets, virtual servers and virtual desktops.
Symantec commissioned the 2012 Endpoint Security Best Practices Survey to see how IT
is coping with endpoint security. The findings show a wide variance between how the best
and worst organizations handle endpoint security in terms of practices. Ultimately, those
organizations employing best practices are enjoying dramatically better outcomes.
METHODOLOGY
Symantec commissioned Applied Research to field the Endpoint Security Survey in
October of 2011. They contacted a total of 1,425 IT professionals in 32 countries. Of those,
one-third were C-level employees or business owners, one-third were management focused
on strategic issues, and the remaining third were management focused on tactical and
operational issues.
The poll has a reliability of 95% confidence with +/- 2.6% margin of error.
APJ
China: 150
Indonesia: 100
Australia: 75
Hong Kong: 75
Japan: 75
Taiwan: 75
India: 50
Singapore: 50
Thailand: 50

EMEA
France: 50
Germany: 50
Italy: 50
Netherlands: 50
Poland: 50
Russia: 50
United Kingdom: 50

Latin America
Brazil: 58
Mexico: 37
NOLA: 25
SOLA: 25

North America
United States: 125
Canada: 125
FINDING 1
Top tier organizations fare better against attacks
The organizations that had deployed more comprehensive security technologies and practices were
better prepared and better able to thwart attacks and reduce the amount of money and time spent
doing so. The top tier companies were two-and-a-half times less likely to experience a large number
of cyber attacks, and three-and-a-half times less likely to experience downtime.
Top tier companies only experienced 21 percent of the downtime of the lower tier businesses: a
total of 588 hours compared to 2,765 hours.
[Chart: "Please estimate how much downtime (in hours) you experienced in the past 12 months, worldwide, that caused the following types of downtime:" (Means shown). Categories: Widespread downtime; Downtime of a specific server; Downtime of a specific desktop or notebook; Downtime of a specific smartphone or tablet. Values: 29; 48; 241; 270.]
[Chart: "For each of the following devices, characterize the quantity of cyberattacks against your organization over the past 12 months:" Devices: Mobile devices; Laptops/notebooks; Physical desktops; Virtual desktops; Physical servers; Virtual servers. Scale: 1 - We saw no cyberattacks; 2 - We saw just a few cyberattacks; 3 - We saw cyberattacks on a regular basis; 4 - We saw a large number of cyberattacks; 5 - We saw an extremely large number of cyberattacks. Values: 41%, 34%, 32%, 40%, 37%, 43%; 36%, 41%, 42%, 42%, 41%, 39%; 11%, 16%, 17%, 9%, 15%, 10%; 9%, 7%, 7%, 7%, 5%, 6%; 2%, 2%, 2%, 2%, 2%, 3%.]
[Chart: "Please estimate how many separate incidents you experienced in the past 12 months, worldwide, that caused the following types of downtime:" (Means shown). Categories: Widespread downtime; Downtime of a specific server; Downtime of a specific desktop or notebook; Downtime of a specific smartphone or tablet. Values: 30; 48; 89; 122.]
*Top Tier Results
FINDING 2
Top tier organizations employ the latest in endpoint protection technologies and
practices
We asked survey respondents what precautions they were taking to protect their
endpoints. Based on the safeguards, policies and procedures they employed, we were
able to divide businesses into three tiers of preparation, and compared the organizations
that were in the top tier with those in the bottom tier to see what distinguishes them
from each other.
Among these top performers, nearly 100 percent indicated they keep their endpoints,
including virtual and physical servers, virtual and physical desktops, laptops/netbooks
and mobile devices somewhat or completely updated with current operating system and
application updates through the entire organization.
These companies have not only deployed virus and spyware protection across nearly
all of their virtual and physical endpoints, they have also deployed firewall protection,
intrusion prevention systems, and tools to prevent unauthorized copying of data to and
from peripheral devices such as USB drives. Nearly all of these top tier companies also
indicated that a wide range of endpoint security safeguards and technologies, including
encryption, access control, data loss prevention and reputation-based security are
somewhat-to-extremely necessary.
Finally, 99 percent of these top performers provide some form of employee security
training, with 82 percent doing so at least once a year.
The policies and practices of the top performers contrast sharply with our findings among those
organizations who ranked in the bottom tier of results and who experience more successful
cyber attacks and heavier losses. These poor performers have not deployed the technologies
necessary to thwart today's sophisticated threats, and do not adequately train employees on
security best practices.
When asked whether they keep their endpoint devices current with operating system and
application updates across their virtual and physical servers and devices, less than half
indicated their endpoints are somewhat-to-completely updated. Only 20 percent of their
physical endpoints (desktops, laptops/notebooks and mobile devices) have virus and spyware
protection, and only 10 percent of their virtual servers and desktops have those technologies
deployed. The percentages are similarly low for physical and virtual endpoints with firewall
protection, intrusion prevention systems and tools to prevent unauthorized copying of data to
and from peripheral devices such as USB drives.
Roughly half consider technologies such as encryption, access control, data loss prevention
and reputation-based security as somewhat or extremely necessary, and only 66 percent train
employees at least once a year.
[Chart: "For each of the following endpoints, for what percentage of these endpoints has virus and spyware protection been deployed throughout your organization?" (Means shown). Endpoints: Mobile devices; Laptops/notebooks; Physical desktops; Virtual desktops; Physical servers; Virtual servers. Values: 79%; 90%; 90%; 86%; 90%; 87%.]
[Chart: "For your entire organization, what percentage of these endpoints has firewall protection?" (Means shown). Endpoints: Mobile devices; Laptops/notebooks; Physical desktops; Virtual desktops; Physical servers; Virtual servers. Values: 83%; 93%; 94%; 91%; 94%; 93%.]
*Top Tier Results
FINDING 3
Attacks against endpoints are costly
The first thing we asked about in the survey was the cost incurred in dealing with a variety
of endpoint-focused cyber attacks. We defined a cyber attack as an attack (from inside
or outside the organization) on the computer network, website, physical devices such as
desktops and mobile devices, as well as virtual servers and desktops. Examples could be
viruses, spam, denial of service attacks, theft of information, fraud, vandalism and so
forth. We then asked the respondents to indicate the costs they experienced as a result of
cyber attacks to their endpoints.
Combining the frequency of attack (what percentage of respondents experience each type
of attack) with the magnitude (the average cost for each type of attack) we were able to
determine that the typical organization incurred $470,000 in losses due to endpoint cyber
attacks in the past 12 months.
The most common consequences of attacks were forced dedication of IT manpower to
remediate affected endpoints; the loss of organization, customer or employee data; and
damage to the organization's brand and reputation.
Symantec Recommendations
There is no silver bullet or single solution that will prevent all attacks, and companies
should not rely solely on endpoint security technology for protection. To reduce the risk of
a successful cyber attack, here are some steps any organization can take:
Assess the risk. It's vital that organizations identify and classify confidential
information. Organizations must know where sensitive information resides, who
has access to it, and how it is entering or leaving the organization. In addition,
organizations should continually assess their network and endpoints to identify
possible vulnerabilities.
Minimize the risk. Organizations must implement a multi-layer protection
strategy to minimize the risk of exploited endpoints. In addition to traditional
antivirus, firewall, and host intrusion protection technology, organizations
should deploy the latest innovations in endpoint security, such as reputation-
based security and real-time behavioral monitoring. These newer technologies
provide additional efficacy in the battle to thwart many new cyber attacks.
Finally, organizations must patch applications and systems regularly.
Education is crucial. Train employees on the risks and what they need to do
for safe computing and then hold them accountable. Eighty-two percent of top
tier companies provide security training to their employees at least annually
compared to 66 percent of bottom tier.
Be Prepared. It's important to prepare for the inevitable by creating a full
incident response plan. It's also vital to occasionally practice implementing
the plan. When the time comes to put the plan into action, it will help you by
improving your response time and will ensure a more complete response.