A new report from Enterprise Strategy Group found that many enterprises feel breach prevention and detection is more difficult today than two years ago.
According to a survey of 200 IT and information security professionals, 75 percent agreed that detecting and preventing a breach has become harder. Fifty-nine percent said malware has grown more sophisticated during the last 24 months and presents fresh challenges – even though the vast majority (87 percent) said they have increased endpoint security spending during the same period.
The survey also revealed that 54 percent felt that it was impossible to keep up with the amount of alerts related to endpoint security threats and breaches.
“Despite efforts to stay on top of patches and updates – and spending more on endpoint security products that should detect malware – it is obvious that IT organizations are becoming frustrated in their attempts to stay ahead of cyber criminals,” said Jon Oltsik, senior principal analyst with the Enterprise Strategy Group, in a statement.
A particular focus of the survey was the subject of browser-based breaches. Eighty-one percent of organizations that experienced a security breach within the past 24 months that tied it to an attack that was introduced into the network via a browser classified the time it took to remediate the breach as “very significant” or “significant.”
Some 82 percent of those surveyed said they were concerned about files containing malicious content downloaded via browsers. Eighty-five percent reported that their IT departments work to keep browsers patched, and 84 percent monitor browser configurations for vulnerabilities.
Ninety-two percent said they would characterize their organization as being “very aggressive” or “somewhat aggressive” in terms of their willingness to test and adopt new types of cybersecurity technologies.
“The common web browser is a malware distribution system for advanced persistent threats,” Branden Spikes, CEO and CTO of Spikes Security, which commissioned the study, said in a statement. “It’s simultaneously the most ubiquitous and strategically important application in the enterprise, so naturally it has become the focus for hackers. Every click can potentially place the network and the organization at risk.”
More from Brian Prince
- U.S. Healthcare Companies Hardest Hit by ‘Stegoloader’ Malware
- CryptoWall Ransomware Cost Victims More Than $18 Million Since April 2014: FBI
- New Adobe Flash Player Flaw Shares Similarities With Previous Vulnerability: Trend Micro
- Visibility Challenges Industrial Control System Security: Survey
- Adobe Flash Player Zero-Day Exploited in Attack Campaign
- Researchers Demonstrate Stealing Encryption Keys Via Radio
- Researchers Uncover Critical RubyGems Vulnerabilities
- NSA, GCHQ Linked to Efforts to Compromise Antivirus Vendors: Report
Latest News
- Big China Spy Balloon Moving East Over US, Pentagon Says
- Former Ubiquiti Employee Who Posed as Hacker Pleads Guilty
- Cyber Insights 2023: Venture Capital
- Atlassian Warns of Critical Jira Service Management Vulnerability
- High-Severity Privilege Escalation Vulnerability Patched in VMware Workstation
- Exploitation of Oracle E-Business Suite Vulnerability Starts After PoC Publication
- China Says It’s Looking Into Report of Spy Balloon Over US
- GoAnywhere MFT Users Warned of Zero-Day Exploit
