The Implications of “Endpoint Protection: Attitudes and Opinions”

Bromium has just published the results of “Endpoint Protection: Attitudes and Opinions,” a survey of more than 300 information security professionals, focused on end user threats and security. The majority of the respondents believe:

  • Existing security solutions are unable to stop endpoint infections,
  • Anti-virus is unable to stop advanced targeted attacks and
  • End users are their biggest security headache.

  1: Are users your biggest security headache?
Yes 242 72.0%
No 91 27.1%
Don’t Know 3 0.9%

Previously, the Verizon Data Breach Intelligence Report found that 71 percent of attacks targeted user devices, so it makes sense that 72 percent of information security professionals believe users are their biggest security headaches. User devices can be compromised in a moment by drive-by downloads, system vulnerabilities and e-mail attachments, yet it can be time-consuming and expensive for information security teams to fix these problems. The alternative, locking down system resources, is not a popular option because it greatly reduces productivity with a negative user experience.

  2: Do you think your current security technology stops all end point breaches/infections?
Yes 45 13.4%
No 285 84.8%
Don’t Know 6 1.8%

Overwhelmingly, organizations have deployed information security “defense in depth,” but Bromium Labs research has proven that it is elementary for attacks to bypass layered security solutions because they share a weak link in the vulnerable Windows kernel. Therefore, it should not be surprising that nearly 85 percent of information security professionals believe their current security technology cannot stop all endpoint infections.

  3: Do you think that current AV stops targeted attacks like APTs or spear phishing?
Yes 38 11.3%
No 283 84.2%
Don’t Know 15 4.5%

Recently, Symantec notoriously declared anti-virus “is dead,” noting that AV detection rates of cyber-attacks are approximately 45 percent. It comes as no surprise that nearly 85 percent of information security professionals have lost faith in the ability of AV to stop advanced target attacks. Advanced attacks are designed and tested to evade detection and polymorphic code ensures attacks remain a step ahead of AV signatures.

  4: If your users could click on anything at anytime and not get infected would you sleep better at night?
Yes 254 75.6%
No 78 23.2%
Don’t Know 4 1.2%

Drive-by downloads are a common attack vector that leverage Java vulnerabilities to execute malicious code. Information security teams have nightmares thinking about end users getting infected by malicious URLs, videos and email attachments. It may seem like information security professionals are dreaming to believe that a user could click on anything at any time and avoid infection, but micro-virtualization, such as Bromium vSentry, makes those dreams a reality.

  5: Are you looking for endpoint security that can protect users against all known and unknown threats?
Yes 219 65.2%
No 111 33.0%
Don’t Know 6 1.8%

Nearly two-thirds of information security professionals are looking for endpoint security solutions that can protect against all known and unknown threats. In June 2014, Forrester Research published a report, “Prepare for the Post-AV Era Part 1: Five Alternatives to Endpoint Antivirus,” which highlights a new class of endpoint protection solutions. Among these solutions is endpoint execution isolation, such as Bromium vSentry.

Bromium vSentry provides hardware-enforced micro-virtualization, enabling the isolation of each task a user performs. Isolation prevents malicious attacks, either known or unknown, from infecting the endpoint or compromising the corporate network. Bromium ensures that every end user has proactive protection against zero-day and advanced targeted attacks, regardless of where they are working or what they are doing. Results have been validated in an independent NSS Labs Test Report.

Source: Bromium Blog