the shifting state of endpoint risk: key strategies to implement in 2012
TRANSCRIPT
![Page 1: The Shifting State of Endpoint Risk: Key Strategies to Implement in 2012](https://reader031.vdocuments.us/reader031/viewer/2022032514/55d536b8bb61eb7b088b4621/html5/thumbnails/1.jpg)
The Shifting State of Endpoint Risk: Key Strategies to Implement in 2012
![Page 2: The Shifting State of Endpoint Risk: Key Strategies to Implement in 2012](https://reader031.vdocuments.us/reader031/viewer/2022032514/55d536b8bb61eb7b088b4621/html5/thumbnails/2.jpg)
Today’s Agenda
Trends in the Threat Landscape
State of Endpoint Risk:Latest Survey Results
Summary and Recommendations
Q&A
![Page 3: The Shifting State of Endpoint Risk: Key Strategies to Implement in 2012](https://reader031.vdocuments.us/reader031/viewer/2022032514/55d536b8bb61eb7b088b4621/html5/thumbnails/3.jpg)
Today’s Panelists
3
Dr. Larry PonemonChairman & FounderPonemon Institute
Paul ZimskiVice President, Solution MarketingLumension
![Page 4: The Shifting State of Endpoint Risk: Key Strategies to Implement in 2012](https://reader031.vdocuments.us/reader031/viewer/2022032514/55d536b8bb61eb7b088b4621/html5/thumbnails/4.jpg)
4
2012 Threat Trends
1. State-sponsored cyber crime will become a regular occurrence
2. Social media goes deeper – increasing threats
3. Security will finally arrive for virtualization
4. Anonymous will not go away
5. Mobile devices will come under greater attack
6. VoIP will be used as a covert channel in data breaches
7. Medicare fraud via ID theft will see explosive growth
![Page 5: The Shifting State of Endpoint Risk: Key Strategies to Implement in 2012](https://reader031.vdocuments.us/reader031/viewer/2022032514/55d536b8bb61eb7b088b4621/html5/thumbnails/5.jpg)
State of Endpoint RiskLatest Survey Results
![Page 6: The Shifting State of Endpoint Risk: Key Strategies to Implement in 2012](https://reader031.vdocuments.us/reader031/viewer/2022032514/55d536b8bb61eb7b088b4621/html5/thumbnails/6.jpg)
Ponemon Institute LLC
• The Institute is dedicated to advancing responsible information management practices that positively affect privacy and data protection in business and government.
• In our 10th year, the Institute conducts independent research, educates leaders from the private and public sectors and verifies the privacy and data protection practices of organizations.
• Ponemon Institute is a full member of CASRO (Council of American Survey Research Organizations. Dr. Ponemon serves as CASRO’s chairman of Government & Public Affairs Committee of the Board.
• The Institute has assembled more than 60+ leading multinational corporations called the RIM Council, which focuses the development and execution of ethical principles for the collection and use of personal data about people and households.
6
![Page 7: The Shifting State of Endpoint Risk: Key Strategies to Implement in 2012](https://reader031.vdocuments.us/reader031/viewer/2022032514/55d536b8bb61eb7b088b4621/html5/thumbnails/7.jpg)
Project Summary
The purpose of this study is to determine
how effective organizations are in the
protection of their endpoints and what
they perceive are the biggest obstacles to
reducing risk.
Our study involves 688 respondents
located in the United States who are
deeply involved in their organization’s IT
function.
All results were collected during August or
September 2011.
Survey response Freq. Pct%
Total sampling frame 18,986 100.0%
Total Returns 911 4.8%
Rejected surveys 80 .4%
Final sample 831 4.4%
Final sample after screening 688 3.6%
7
![Page 8: The Shifting State of Endpoint Risk: Key Strategies to Implement in 2012](https://reader031.vdocuments.us/reader031/viewer/2022032514/55d536b8bb61eb7b088b4621/html5/thumbnails/8.jpg)
What organizational level best describes your current position
8
1% 1%
22%
23%
18%
20%
10%
4% 1%
Senior Executive
Vice President
Director
Manager
Supervisor
Technician
Staff
Contractor
Other
Forty-seven percent of responders are managers or hold higher level positions within their organizations.
![Page 9: The Shifting State of Endpoint Risk: Key Strategies to Implement in 2012](https://reader031.vdocuments.us/reader031/viewer/2022032514/55d536b8bb61eb7b088b4621/html5/thumbnails/9.jpg)
Industry distribution of the 688 respondents
9
18%
12%
10%
9%8%
8%
6%
5%
4%
4%
4%
3%3%
3% 2% 1% Financial Services
Public Sector
Health & pharmaceuticals
Services
Technology & software
Retailing
Education & research
Communications
Industrial
Hospitality
Entertainment & media
Transportation
Energy
Defense
Consumer products
Agriculture
The largest sectors include financial services, public sector and healthcare organizations.
![Page 10: The Shifting State of Endpoint Risk: Key Strategies to Implement in 2012](https://reader031.vdocuments.us/reader031/viewer/2022032514/55d536b8bb61eb7b088b4621/html5/thumbnails/10.jpg)
What is the worldwide headcount of your organization?
10
Less than 500 people
500 to 1,000 people
1,001 to 5,000 people
5,001 to 25,000 people
25,001 to 75,000 people
More than 75,000 people
0%
5%
10%
15%
20%
25%
30%
35%
5%
16%
22%
31%
21%
5%
The majority of the respondents are from organizations with a worldwide headcount greater than 5,000 people.
![Page 11: The Shifting State of Endpoint Risk: Key Strategies to Implement in 2012](https://reader031.vdocuments.us/reader031/viewer/2022032514/55d536b8bb61eb7b088b4621/html5/thumbnails/11.jpg)
Attributions About Endpoint Security
11
Laptops and other mobile data-bearing devices are secure and do not present a significant security risk.
We have ample resources to minimize IT endpoint risk.
Business executives are supportive of our organization’s endpoint security operations.
0% 5% 10% 15% 20% 25% 30% 35% 40% 45%
11%
15%
18%
15%
20%
23%
Strongly agree Agree
Forty-one percent of business executives support endpoint security operations. Only 35 percent of respondents have ample resources to minimize risk.
![Page 12: The Shifting State of Endpoint Risk: Key Strategies to Implement in 2012](https://reader031.vdocuments.us/reader031/viewer/2022032514/55d536b8bb61eb7b088b4621/html5/thumbnails/12.jpg)
What best describes how IT operations and IT security work together?
12
Colla
bora
tion
is ad
equa
te, b
ut ca
n be
impr
oved
Colla
bora
tion
is po
or o
r non
-exis
tent
Colla
bora
tion
is ex
celle
nt0%
10%
20%
30%
40%
50%
60%48%
40%
12%
Only 12 percent of those surveyed indicate their IT operations and IT security work well together.
![Page 13: The Shifting State of Endpoint Risk: Key Strategies to Implement in 2012](https://reader031.vdocuments.us/reader031/viewer/2022032514/55d536b8bb61eb7b088b4621/html5/thumbnails/13.jpg)
Is your IT network more secure now than it was a year ago?
The study finds that the majority of respondents believe their organizations’ endpoints are vulnerable to attacks. Compared to last year, 66 percent of respondents say their organizations’ IT networks are not more secure or are unsure (41 percent + 25 percent).
13
Yes No Unsure0%
5%
10%
15%
20%
25%
30%
35%
40%
45%
34%
41%
25%
36% 36%
28%
FY 2011 FY 2010
![Page 14: The Shifting State of Endpoint Risk: Key Strategies to Implement in 2012](https://reader031.vdocuments.us/reader031/viewer/2022032514/55d536b8bb61eb7b088b4621/html5/thumbnails/14.jpg)
How many malware attempts or incidents does your IT organization deal with monthly?
14
Less than 5 5 to 10 11 to 25 26 to 50 More than 500%
5%
10%
15%
20%
25%
30%
35%
40%
45%
50%
3%
9%
13%
32%
43%
6%
11%
21%
35%
27%
FY 2011 FY 2010
More than 75 percent of respondents experienced 26 to 50+ malware incidents per month.
![Page 15: The Shifting State of Endpoint Risk: Key Strategies to Implement in 2012](https://reader031.vdocuments.us/reader031/viewer/2022032514/55d536b8bb61eb7b088b4621/html5/thumbnails/15.jpg)
Have your malware incidents increased over the past year?
Thirty-one percent of respondents say there has been a major increase in malware attacks and 22 percent say there has been a slight increase over the past year. Only 8 percent of respondents believe malware attacks have decreased over the past year.
15
Not sure No, they have decreased
No, they stayed the same
Yes, but only slight increase
Yes, major increase
0%
5%
10%
15%
20%
25%
30%
35%
14%
8%
25%
22%
31%
17%
9%
25%
21%
28%
FY 2011 FY 2010
![Page 16: The Shifting State of Endpoint Risk: Key Strategies to Implement in 2012](https://reader031.vdocuments.us/reader031/viewer/2022032514/55d536b8bb61eb7b088b4621/html5/thumbnails/16.jpg)
Where is the greatest rise of potential IT risk? (Top 5 choices)
Compared to last year, 39 percent more respondents identify mobile devices as having the greatest potential for IT security risks.
16
Virtual computing environments (servers, endpoints)
Across 3rd party applications (vulnerabilities)
Cloud computing infrastructure and providers
Removable media (USB sticks) and/or media (CDs, DVDs)
Mobile devices such as smart phones (Blackberry, iPhone, IPad, Android)
0% 5% 10% 15% 20% 25% 30% 35% 40% 45%
8%
11%
25%
32%
39%
![Page 17: The Shifting State of Endpoint Risk: Key Strategies to Implement in 2012](https://reader031.vdocuments.us/reader031/viewer/2022032514/55d536b8bb61eb7b088b4621/html5/thumbnails/17.jpg)
Which one incident represents your biggest headache?
The top three incidents that present the most difficult challenges for respondents are zero day attacks (23 percent) targeted attacks (22 percent) and SQL injection (21 percent).
17
Exploit of software vulnerability greater than 3 months old
Exploit of software vulnerability less than 3 months old
SQL injection Targeted attacks* Zero day attacks0%
5%
10%
15%
20%
25%
30%
35%
40%
10% 11%
21% 22% 23%
16%
11%
23%
35%
FY 2011 FY 2010
*FY 2010 survey did not contain this choice
![Page 18: The Shifting State of Endpoint Risk: Key Strategies to Implement in 2012](https://reader031.vdocuments.us/reader031/viewer/2022032514/55d536b8bb61eb7b088b4621/html5/thumbnails/18.jpg)
Which are the greatest IT security risks next year? (Top 3 concerns)
The below chart lists in descending order what respondents perceive as the five most serious security risks their organizations will face in the near future. Respondents predict the top three IT security risks in the next 12 months will be:
18
Negligent insider risk
Growing volume of malware
Use of insecure cloud computing resources
Insufficient budget resources
Increased use of mobile platforms (smart phones, iPads)
0% 5% 10% 15% 20% 25% 30% 35% 40%
28%
29%
31%
32%
36%
![Page 19: The Shifting State of Endpoint Risk: Key Strategies to Implement in 2012](https://reader031.vdocuments.us/reader031/viewer/2022032514/55d536b8bb61eb7b088b4621/html5/thumbnails/19.jpg)
Use of the following technologies will increase over the next 12 months.
Respondents indicate that their use of application control whitelisting and firewall will increase more than 50 percent.
19
Data loss/leak prevention (content filtering)
Network access control (NAC)
Security Event and Incident Management (SIEM)
Mobile device management
Endpoint management and security suite (integrated technologies like AV, patch, etc.)
Application control firewall (gateway) (NGFW)
Application control/whitelisting (endpoint)
0% 10% 20% 30% 40% 50% 60%
29%
30%
38%
45%
46%
55%
56%
![Page 20: The Shifting State of Endpoint Risk: Key Strategies to Implement in 2012](https://reader031.vdocuments.us/reader031/viewer/2022032514/55d536b8bb61eb7b088b4621/html5/thumbnails/20.jpg)
What was the change in use in the following technologies?
20
Anti-virus
Application control firewall (gateway) (NGFW)
Whole disk encryption
Device control (removable media i.e., USB, CD/DVD)
Endpoint management and security suite (integrated technologies like AV, patch, etc.)
Application control/whitelisting (endpoint)
0% 1% 2% 3% 4% 5% 6% 7% 8%
2%
2%
4%
5%
7%
7%
![Page 21: The Shifting State of Endpoint Risk: Key Strategies to Implement in 2012](https://reader031.vdocuments.us/reader031/viewer/2022032514/55d536b8bb61eb7b088b4621/html5/thumbnails/21.jpg)
How has the effectiveness of the following technologies changed?
21
Anti-virus & anti-malware
Endpoint firewall
Vulnerability assessment
Patch & remediation management
Device control (USB, removable media)
Network access control (NAC)
Application control firewall (gateway) (NGFW)
-18% -16% -14% -12% -10% -8% -6% -4% -2% 0%
-17%
-16%
-15%
-15%
-13%
-11%
-10%
Anti-virus and anti-malware had the largest decline in effectiveness. Respondents indicated a 17 percent decline in effectiveness.
![Page 22: The Shifting State of Endpoint Risk: Key Strategies to Implement in 2012](https://reader031.vdocuments.us/reader031/viewer/2022032514/55d536b8bb61eb7b088b4621/html5/thumbnails/22.jpg)
How concerned are you about Mac malware infections?
22
Unsure Not at all concerned Increasingly concerned Very concerned0%
5%
10%
15%
20%
25%
30%
35%
40%
45%
50%
3%
12%
44%41%
Eighty-five percent of Mac users surveyed indicate that they are increasingly or very concerned about malware infections.
![Page 23: The Shifting State of Endpoint Risk: Key Strategies to Implement in 2012](https://reader031.vdocuments.us/reader031/viewer/2022032514/55d536b8bb61eb7b088b4621/html5/thumbnails/23.jpg)
Is your IT organization’s operating cost increasing?
23
Yes No Unsure0%
10%
20%
30%
40%
50%
60%
43%46%
11%
41%
48%
11%
FY 2011 FY 2010
Forty-three percent of responders indicated their IT operating costs are increasing.
![Page 24: The Shifting State of Endpoint Risk: Key Strategies to Implement in 2012](https://reader031.vdocuments.us/reader031/viewer/2022032514/55d536b8bb61eb7b088b4621/html5/thumbnails/24.jpg)
To what extent are malware incidents to blame?
24
Very significant Significant Some significance None0%
5%
10%
15%
20%
25%
30%
35%
40%
45%
22%
41%
29%
8%
14%
40%
32%
14%
FY 2011 FY 2010
Sixty-three percent of survey responses indicate malware as significantly or very significantly contributing to the increase in IT expense.
![Page 25: The Shifting State of Endpoint Risk: Key Strategies to Implement in 2012](https://reader031.vdocuments.us/reader031/viewer/2022032514/55d536b8bb61eb7b088b4621/html5/thumbnails/25.jpg)
How effective is your current anti-virus/anti-malware technology?
25
0%
5%
10%
15%
20%
25%
30%
35%
40%
11%
33%
30%
21%
5%
12%
34%
28%26%
FY 2011 FY 2010
*FY 2010 survey did not contain this choice
Only 44 percent of responders consider their anti-virus/anti-malware technology to be somewhat or very effective.
![Page 26: The Shifting State of Endpoint Risk: Key Strategies to Implement in 2012](https://reader031.vdocuments.us/reader031/viewer/2022032514/55d536b8bb61eb7b088b4621/html5/thumbnails/26.jpg)
Does the virtualization platform require your organization to deploy additional security measures?
26
Yes 55%
No 45%
![Page 27: The Shifting State of Endpoint Risk: Key Strategies to Implement in 2012](https://reader031.vdocuments.us/reader031/viewer/2022032514/55d536b8bb61eb7b088b4621/html5/thumbnails/27.jpg)
Who provides these additional security measures?
27
Other (please specify)
Unsure
A security technology vendor (virtualization security component)
The virtualization vendor
A combination of the virtualization and security technology vendors
0% 5% 10% 15% 20% 25% 30% 35% 40%
2%
5%
29%
30%
34%
![Page 28: The Shifting State of Endpoint Risk: Key Strategies to Implement in 2012](https://reader031.vdocuments.us/reader031/viewer/2022032514/55d536b8bb61eb7b088b4621/html5/thumbnails/28.jpg)
Does your organization have a cloud strategy?
28
Yes 38%
No 41%
Unsure 21%
Sixty-two percent of responders do not have a cloud strategy.
![Page 29: The Shifting State of Endpoint Risk: Key Strategies to Implement in 2012](https://reader031.vdocuments.us/reader031/viewer/2022032514/55d536b8bb61eb7b088b4621/html5/thumbnails/29.jpg)
In regards to mobile device management, what are the three most important to your organization’s needs?
29
Other (please specify)
Remote wipe capability
Anti-theft features
Asset tracking
Encryption and other data loss technologies
Virus and malware detection or prevention
Provisioning and access policy management
0% 10% 20% 30% 40% 50% 60% 70%
3%
41%
42%
47%
49%
55%
62%
![Page 30: The Shifting State of Endpoint Risk: Key Strategies to Implement in 2012](https://reader031.vdocuments.us/reader031/viewer/2022032514/55d536b8bb61eb7b088b4621/html5/thumbnails/30.jpg)
Is your organization planning to expand its use of application control/whitelisting technologies within the next 12 months?
30
Yes, with certainty Yes, likely to do so No Unsure0%
5%
10%
15%
20%
25%
30%
35%32%
31%
25%
12%
Sixty-three percent of responders are planning to expand their use of application control/whitelisting technologies.
![Page 31: The Shifting State of Endpoint Risk: Key Strategies to Implement in 2012](https://reader031.vdocuments.us/reader031/viewer/2022032514/55d536b8bb61eb7b088b4621/html5/thumbnails/31.jpg)
Does your organization have an integrated endpoint security suite?
31
Yes No, but expects to within the next 12-24 months
No 0%
5%
10%
15%
20%
25%
30%
35%
40%
45%
50%
33%
46%
21%
Almost half (46 percent) of those surveyed plan to invest in an integrated endpoint security suite.
![Page 32: The Shifting State of Endpoint Risk: Key Strategies to Implement in 2012](https://reader031.vdocuments.us/reader031/viewer/2022032514/55d536b8bb61eb7b088b4621/html5/thumbnails/32.jpg)
How many software agents does your organization typically have installed to perform management, security and/or other operations?
32
1 to 2 3 to 5 6 to 10 More than 10 Cannot determine0%
5%
10%
15%
20%
25%
30%
35%
40%
45%
18%
23%
39%
10% 10%
Forty-nine percent of responders have 6 or more software agents installed.
![Page 33: The Shifting State of Endpoint Risk: Key Strategies to Implement in 2012](https://reader031.vdocuments.us/reader031/viewer/2022032514/55d536b8bb61eb7b088b4621/html5/thumbnails/33.jpg)
How many different software management consoles does your organization use?
33
1 to 2 3 to 5 6 to 10 More than 10 Cannot determine0%
5%
10%
15%
20%
25%
30%
35%
23%
29%30%
9% 9%
![Page 34: The Shifting State of Endpoint Risk: Key Strategies to Implement in 2012](https://reader031.vdocuments.us/reader031/viewer/2022032514/55d536b8bb61eb7b088b4621/html5/thumbnails/34.jpg)
Summary of Findings
•Current approaches to endpoint security are ineffective and costly.
•Organizations do not feel more secure than they did last year. » This is mainly due to the use of ineffective technology solutions when better,
more effective/efficient technologies exist but are not heavily implemented.
• IT operating expenses are increasing and a main driver of those costs is tied directly to an increase in malware incidents. » Most respondents consider malware a significant factor in those cost drivers.
•Malware continues to be on the rise with attack vectors focused more on third-party and web-based applications.
34
![Page 35: The Shifting State of Endpoint Risk: Key Strategies to Implement in 2012](https://reader031.vdocuments.us/reader031/viewer/2022032514/55d536b8bb61eb7b088b4621/html5/thumbnails/35.jpg)
More Information
• Data Privacy Day 2012» http://
www.lumension.com/2012-Data-Privacy-Day.aspx
• Quantify Your IT Risk with Free Scanners» http://www.lumension.com/special-offer/
premium-security-tools.aspx
• Lumension® Endpoint Management and Security Suite» Demo:
http://www.lumension.com/endpoint-management-security-suite/demo.aspx
» Evaluation: http://www.lumension.com/endpoint-management-security-suite/free-trial.aspx
2012 State of the Endpoint Report
http://www.lumension.com/2012-state-of-the-endpoint.aspx
35
![Page 36: The Shifting State of Endpoint Risk: Key Strategies to Implement in 2012](https://reader031.vdocuments.us/reader031/viewer/2022032514/55d536b8bb61eb7b088b4621/html5/thumbnails/36.jpg)
Q&A
![Page 37: The Shifting State of Endpoint Risk: Key Strategies to Implement in 2012](https://reader031.vdocuments.us/reader031/viewer/2022032514/55d536b8bb61eb7b088b4621/html5/thumbnails/37.jpg)
Global Headquarters8660 East Hartford Drive
Suite 300
Scottsdale, AZ 85255
1.888.725.7828
http://blog.lumension.com