We’ve stated numerous times—in pleas, commands, and (recently) mantras—the importance of endpoint security. The digital perimeter may need to evolve to fit with modern demands, prevent and detect next-gen threats, and adapt to the cloud; however, this does not negate its necessity by any stretch.
Strong endpoint security can deter all but the most dedicated hackers and prevent malware from penetrating the network. With the advent of EDR, it can even detect and remediate threats before they can dwell.
On the other hand, your enterprise must understand the most likely endpoint security vulnerabilities to properly deploy and maintain your solutions. These endpoint security vulnerabilities often take the form of malware; yet they may also employee behaviors or the aftermath of a breach.
We compiled statistics on the top endpoint security vulnerabilities from some of the most recognized EPP vendors in the market. Here’s what we found:
The Current Threat Landscape
According to a 2017 survey by the Enterprise Strategy Group:
- 46% of enterprises experienced a ransomware attack in the past year.
- In 56% of those ransomware attacks, the attack affected more than 5% of their endpoints.
- 60% of enterprises experienced a recurrence of the same ransomware program in a later attack.
- 29% ranked unknown malware as the top attack form they encountered.
According to Keeper Security and the Ponemon Institute:
- The average cost of an enterprise data breach is nearly $3 million.
- 6 of 10 SMBs report more aggressive, more targeted attacks.
- 82% of SMBs have experienced attacks in which malware evaded their legacy antivirus solutions.
Meanwhile, according to the Symantec Internet Security Threat Report for February 2019:
- 2018 saw four times the number of cryptojacking attacks than 2017.
- Enterprise-targeting ransomware rose 12%.
- Mobile ransomware rose 33%.
- Malicious Powershell scripts, a key component of fileless malware attacks, rose over 1000%.
Emails and Endpoint Security Vulnerabilities
Emails constitute one of the most persistent endpoint security vulnerabilities; indeed, hackers use emails to take advantage of employees’ cybersecurity neglect or ignorance.
- 92.4% of malware is delivered via email, according to the Verizon 2018 Data Breach Investigations Report.
- According to Trend Micro, phishing constitutes 87% of high-risk email threats in 2018.
- 15.5% of malicious emails disguise themselves as a bill according to the 2019 Symantec Internet Security Threat Report (ISTR).
Threats to Business Processes
In the Enterprise Strategy Group survey, 32% said the damage to their business processes serves as the top impact of endpoint security vulnerabilities.
According to Keeper Security, slightly more than half of a data breach’s cost stems from network downtime.
The 2018 Cisco Cybersecurity Report: Special SMB Edition found 40% of SMBs suffered eight or more hours of downtime due to a data breach.
To summarize, this all goes to proves that endpoint security doesn’t just constitute an IT concern. It profoundly affects your business processes. With it, you can rest assured of your workflows’ continued smoothness. Without it, hackers can find new ways to hurt your bottom line.
Latest posts by Ben Canner (see all)
- 4 Leaders in the Forrester Wave: Cybersecurity Incident Response Services, Q1 2019 - March 19, 2019
- By the Numbers: Enterprise Endpoint Security Vulnerabilities - March 14, 2019
- The New Endpoint Security Mantras for Your Enterprise - March 13, 2019