What Keeps Security Professionals Up at Night? Their Users

You might believe that the expensive network security hardware you installed will protect you from bad actors — until a single employee undoes all that good work when he doesn’t realize the attachment he just opened carries dangerous malware. It’s hard keeping criminals from infiltrating networks, much less worrying that users will simply open the door to bad guys by letting their guard down.

According to a survey of attendees at the 2016 RSA Conference, users cause the most sleepless moments for security professionals. We asked 100 attendees, “Are users your biggest security headache?” Seventy percent said yes, about in line with a similar survey we conducted at Black Hat in 2014, where 74 percent of attendees also said users were their biggest headache. Read on for more insights from our RSA survey — as well as security professionals’ resounding “no” on whether Apple should comply with the FBI’s request to bypass iOS security.

Endpoints are the biggest source of security risk

In line with concerns about users, security professionals are also worried about endpoint security: After all, this is where concerns about protecting entry points and user behavior intersect. Forty-nine percent of security professionals we surveyed said endpoints are the source of their greatest security risk, followed by insider threats (21 percent), networks (16 percent), and the cloud (14 percent). This fear is borne out by research: Verizon’s 2015 Data Breach Investigations Report says that end-user devices were a factor in 82 percent of security incidents.

Delays in patching zero-day vulnerabilities

Patching for known vulnerabilities is part of a “low hanging fruit” approach to security – in other words, it’s a straightforward way to prevent threats using zero-day vulnerabilities. When asked how quickly their organizations patched for zero-day vulnerabilities, 50 percent of security professionals said they did so in the first week. However, 24 percent said they waited a month, and 26 percent said more than a month. A delayed approach to patching leaves dangerous windows open to bad actors.

Ransomware, a rising threat, is coming onto the radar in the security world: 49 percent of security professionals we surveyed said they or someone they knew had been infected with ransomware.

Wait-and-see approach to Windows 10

It seems like security professionals are taking a wait-and-see approach to Windows 10. Twenty-nine percent said they’ll spend the next 12 months conducting initial evaluations of the OS, while 23 percent said they plan a partial deployment during this time; 12 percent plan a wide-scale deployment of Windows 10. However, 36 percent said they have no current plans around a Windows 10 rollout.

Some survey respondents also remain unsure of how Windows 10 can be used to improve organizational security. We asked RSA attendees which Windows 10 security feature will be most effective at combating cyber attacks. Twenty-seven percent had no response; 30 percent chose Microsoft Passport (two-factor authentication), while 27 percent chose Device Guard (locking down devices so they only run trusted applications).

Prevention, not remediation, is key to cyber security

Stopping attackers before they can wreak havoc – not after – is the smartest security posture, according to RSA attendees. Sixty-four percent said prevention is the most effective aspect of a cyber security architecture, followed by detection (17 percent) and prediction (17 percent). Only 2 percent said remediation is most effective.

When we flipped the question around, remediation wasn’t shown much love: 47 percent of security professionals said remediation is the least effective aspect of cyber security architecture; 36 percent said prediction was least effective.

A big “no” to FBI re: Apple

Of course, we couldn’t leave RSA without asking attendees to weigh in on the controversy surrounding Apple, the FBI, and the San Bernardino terrorists’ locked iPhone. Only 14 percent said they believe that Apple should comply with the FBI’s request to bypass security of the Apple iOS. An overwhelming 86 percent said Apple should not comply – reflecting the security industry’s discomfort with the idea of significantly weakening security and privacy for just a single case. We think security professionals realize that once technology companies acquiesce to government requests to bypass security features, the Pandora’s box can’t be closed.
