Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Endpoint Security

What Keeps Security Professionals Up at Night? Their Users

You might believe that the expensive network security hardware you installed will protect you from bad actors — until a single employee undoes all that good work when he doesn’t realize the attachment he just opened carries dangerous malware.

You might believe that the expensive network security hardware you installed will protect you from bad actors — until a single employee undoes all that good work when he doesn’t realize the attachment he just opened carries dangerous malware. It’s hard keeping criminals from infiltrating networks, much less worrying that users will simply open the door to bad guys by letting their guard down.

According to a survey of attendees at the 2016 RSA Conference, users cause the most sleepless moments for security professionals. We asked 100 attendees, “Are users your biggest security headache?” Seventy-percent said yes, about in line with a similar survey we conducted at Black Hat in 2014, where 74 percent of attendees also said users were their biggest headache. Read on for more insights from our RSA survey — as well as security professionals’ resounding “no” on whether Apple should comply with the FBI’s request to bypass iOS security.

Endpoints are the biggest source of security risk

Keyboard and MouseIn line with concerns about users, security professionals are also worried about endpoint security: After all, this is where concerns about protecting entry points and user behavior intersect. Forty-nine percent of security professionals we surveyed said endpoints are the source of their greatest security risk, followed by insider threats (21 percent), networks (16 percent), and the cloud (14 percent). This fear is borne out by research: Verizon’s 2015 Data Breach Investigations Report says that end-user devices were a factor in 82 percent of security incidents. 

Delays in patching zero-day vulnerabilities

Patching for known vulnerabilities is part of a “low hanging fruit” approach to security – in other words, it’s a straightforward way to prevent threats using zero-day vulnerabilities. When asked how quickly their organizations patched for zero-day vulnerabilities, 50 percent of security professionals said they did so in the first week. However, 24 percent said they waited a month, and 26 percent said more than a month. A delayed approach to patching leaves dangerous windows open to bad actors.

Ransomware, a rising threat, is coming onto to the radar in the security world: 49 percent of security professionals we surveyed said they or someone they knew had been infected with ransomware.

Wait-and-see approach to Windows 10

It seems like security professionals are taking a wait-and-see approach to Windows 10. Twenty-nine percent said they’ll spend the next 12 months conducting initial evaluations of the OS, while 23 percent said they plan a partial deployment during this time; 12 percent plan a wide-scale deployment of Windows 10. However, 36 percent said they have no current plans around a Windows 10 rollout.

Some survey respondents also remain unsure of how Windows 10 can be used to improve organizational security. We asked RSA attendees which Windows 10 security feature will be most effective at combating cyber attacks. Twenty-seven percent had no response; 30 percent chose Microsoft Passport (two-factor authentication), while 27 percent chose Device Guard (locking down devices so they only run trusted applications).

Prevention, not remediation, is key to cyber security

Stopping attackers before they can wreak havoc – not after – is the smartest security posture, according to RSA attendees. Sixty-four percent said prevention is the most effective aspect of a cyber security architecture, followed by detection (17 percent) and prediction (17). Only 2 percent said remediation is most effective.

When we flipped the question around, remediation wasn’t shown much love: 47 percent of security professionals said remediation is the least effective aspect of cyber security architecture; 36 percent said prediction was least effective.

A big “no” to FBI re: Apple

Of course, we couldn’t leave RSA without asking attendees to weigh in on the controversy surrounding Apple, the FBI, and the San Bernardino terrorists’ locked iPhone. Only 14 percent said they believe that Apple should comply with the FBI’s request to bypass security of the Apple iOS. An overwhelming 86 percent said Apple should not comply – reflecting the security industry’s discomfort with the idea of significantly weakening security and privacy for just a single case. We think security professionals realize that once technology companies acquiesce to government requests to bypass security features, the Pandora’s box can’t be closed.

Written By

Click to comment

Expert Insights

Related Content

Nation-State

The North Korean APT tracked as TA444 is either moonlighting from its previous primary purpose, expanding its attack repertoire, or is being impersonated by...

Cyberwarfare

The UK’s NCSC has issued a security advisory to warn about spearphishing campaigns conducted by two unrelated Russian and Iranian hacker groups.

Application Security

Electric car maker Tesla is using the annual Pwn2Own hacker contest to incentivize security researchers to showcase complex exploit chains that can lead to...

Phishing

The Single Most Important Part of Dealing with a Phishing Attack is Preparing for the Attack Before it Actually Happens.

Phishing

The easiest way for a cyber-attacker to gain access to sensitive data is by compromising an end user’s identity and credentials. Things get even...

Application Security

Software maker Adobe on Tuesday released security patches for 29 documented vulnerabilities across multiple enterprise-facing products and warned that hackers could exploit these bugs...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...