Research from Deep Instinct, which seeks to discover the cybersecurity concerns keeping CISOs and SecOps professionals up at night, found that 86% of UK respondents believe it is not possible to fully prevent ransomware and malware attacks from compromising their organization’s defenses. It also found that the rise in the number of endpoints that businesses need to protect continues to be a key source of risk exposure.
The research, which surveyed 1,500 cybersecurity professionals globally – including 200 UK decision makers – discovered the difficulties that UK organizations are experiencing in maintaining a consistent security posture across their organizations. Highlighting how endpoint exposure continues to remain a cause for concern, one third of endpoints deployed in the UK currently have no security agent installed.
Endpoint protection levels may vary
Furthermore, 70 percent of UK businesses say that they cannot ensure that every endpoint has the same level of protection. This is compounded by 65 percent saying they cannot guarantee that every endpoint has the same level of visibility for consistent patching, and 62 percent saying they cannot guarantee that every endpoint is secured against the same threats.
When examining the challenges facing organizations in detecting threats present within the network, 24 percent of respondents cited the volume of false positives as being one of the biggest barriers – higher than the global average of 18 percent. However, 47% said that the lack of threat prevention specific to the volume of never-before-seen malware was the top concern.
While the time taken to investigate threats once discovered was of concern to 42 percent of UK respondents, the findings also revealed that the average response time to a cyber incident is 20.2 hours – more than two ‘working’ days, in line with the global average of 20.9 hours. The time delay in responding to an incident opens the possibility for more damage to be done by the attacker and leaves fewer resources for basic security hygiene.
The fear of cloud-based apps being used as a threat vector
The continued move by organizations to enable greater collaboration between users, partners, suppliers, and customers by enabling third-party access to upload documents and files to the cloud has led to UK businesses feeling concerned about their own cloud-based apps being used as a threat vector.
The research found that 62 percent of UK businesses are concerned that third parties will upload malicious files to their cloud repository and 24% have “complete” confidence that their cloud/local repository files don’t already hold malicious files.
“In this research, CISOs and SecOps teams have clearly identified the challenges they are facing daily, including a lack of consistent and thorough endpoint security, exposed cloud storage, malicious file uploads and, crucially, the time taken to resolve identified threats,” said Brooks Wallace, VP EMEA at Deep Instinct.
“Ransomware and the constant barrage of new malware variants aren’t going to disappear anytime soon, in fact reality tells us that it can only get worse. There isn’t time to waste when it comes to stopping a threat, it must be prevented within milliseconds before it has the chance to take hold and laterally move through the network. It is imperative that organizations adopt a security-first strategy to combat the gaps that exist in their security posture.”
Additional highlights
- 99 percent of respondents surveyed reported that they did not believe all their endpoints were protected by at least one security agent.
- Hidden persistence, whereby threat actors discreetly maintain long-term access to systems despite disruptions such as restarts or changed credentials, is the most feared tactic used by attackers to launch large-scale attacks (40 percent).
- Lack of qualified SecOps staff (35 percent) causes challenges for incident response.
- 45 percent believe it is currently possible to prevent all malware threats from infiltrating their organization’s network and 66% believe it may be possible to prevent all malware threats from infiltrating their organization’s network in the next 2-5 years.