Pressure to boost business productivity combined with weak collaboration across divisions is exposing enterprise IT departments to greater security risks, according to a new report.
The annual “State of Endpoint” study, conducted by the Ponemon Institute for endpoint management and security vendor Lumension, found that the share of organizations that feel their IT networks are no more secure than they were a year ago has risen over the past two years to nearly two-thirds.
Researchers concluded that inadequate collaboration and limited security resources create an environment that attackers can exploit.
Even as malware attacks grow in frequency and sophistication, many IT teams are not working closely with security teams to develop centralized, organization-wide plans for protecting the enterprise network.
“Perhaps most surprising this year is that malware incidents have increased for a third consecutive year, yet IT’s concern in this area is decreasing,” said Larry Ponemon, chairman and founder of the Ponemon Institute. “Organizations are not allocating budget to basic malware prevention strategies, nor are IT and security collaborating to build centralized plans for the enterprise network.”
“Instead, much of IT’s focus appears to be on new workplace technologies such as mobile devices, cloud computing and virtualization.”
State of IT Endpoint Risk — Key Findings:
- Malware remains a persistent threat and a driver of operational costs, while efforts to reduce it are hampered as priorities shift toward enabling business productivity with lower expense.
- 31% of respondents reported a substantial increase in the frequency of malware incidents compared with the prior year, and 43% estimate they face more than 50 malware attempts each month — nearly two intrusions per day.
- 23% of organizations identified zero-day attacks as their top concern, with targeted attacks a close second at 22%.
- Compared with the 2010 survey, the top five areas showing the greatest rise in potential IT security risk are:
  - Third-party applications were ranked the most concerning risk, yet only 23% of respondents listed patching and remediation among their top five mitigation strategies.
  - Concern about securing mobile devices and platforms jumped from 9% in 2010 to 48% in 2011.
  - Worries about negligent insider risk have remained steady over three years, with 43% of organizations viewing this as a leading risk heading into 2012.
  - Concerns over cloud infrastructure risk rose from 18% in 2010 to 43% in 2011. Although most expect cloud usage to increase, 41% said they do not yet have a security strategy for assets stored in the cloud.
  - More than 72% of respondents expect increased use of social media applications in 2012.
- Ongoing downward pressure on IT security investment and low prioritization of organizational security persist.
- Security budgets remain a top concern for 2012 (32%), and 40% of respondents said collaboration between security and IT is poor or non-existent.
- Only 25% expected budget increases in 2012; many cited insufficient collaboration with business operations (16%) and the absence of an organization-wide security strategy (13%) as major issues.
- 48% said collaboration between IT operations and IT security could be improved.
- As Mac devices become more common at work, confidence in their immunity to malware is eroding — 85% of respondents said they are very or increasingly concerned about Mac security.
- To address new risks from remote workers, social media, mobile platforms and cloud computing, organizations plan to adopt a broader set of endpoint defenses. The top five technologies IT intends to increase over the next 12 months are:
  - Application control/whitelisting (56%)
  - Application control firewall/gateway (55%)
  - Integrated endpoint security suites (46%)
  - Mobile device management (45%)
  - Security event and incident management (SIEM) (38%)
Overall, the report highlights a disconnect between rising threats and the allocation of resources and coordination needed to manage them. Organizations that fail to prioritize collaboration between IT and security, maintain adequate budgets, and implement comprehensive strategies for emerging technologies will remain vulnerable as threats continue to evolve.