Key Findings from the 2018 SANS Endpoint Security Survey Report

Just yesterday, global cybersecurity training firm the SANS Institute released its 2018 SANS Endpoint Security Survey report. This study surveyed IT professionals from around the world about the current state of endpoint security and endpoint security solutions. Their findings were quite surprising.

Some of the key findings from the 2018 SANS Endpoint Security Survey report include:

  • 42% of IT professionals said they had suffered a breach on their endpoints.
  • 20% said they did not know if they had been breached.
  • 82% of those that knew of a breach said it had involved a desktop.
  • 69% cited corporate laptops as the target.
  • 42% cited employee-owned laptops.
  • Antivirus capabilities detected only 47% of threats.
  • 26% were detected by endpoint detection and response (EDR) capabilities.

For those exploited endpoints, the top threat vectors were found to be web “drive-bys” (63%), social engineering and phishing attacks (53%), and ransomware (50%).

At the same time, the 2018 SANS Endpoint Security Survey report discovered a discrepancy between the deployment of endpoint security solutions and the use of their capabilities:  

  • Of the IT professionals that had acquired next-gen endpoint security solutions, 37% haven’t implemented their full capabilities.
  • 49% of those next-gen security solutions possess fileless malware detection features, but 38% of IT professionals haven’t implemented them.

In a statement, Lee Neely—SANS Analyst and the survey’s author—said: “the diversity and quantity of endpoints in the modern enterprise are driving the need for more automation and predictive capabilities. While [organizations] are purchasing solutions to keep ahead of the emerging cyber threats, they appear to fall short on implementing the key purchased capabilities needed to protect and monitor the endpoint.”

Once a breach is detected, 63% of respondents said that it takes 24 hours or less to remediate a single compromised endpoint, and 67% said it takes under a week to remediate a full security incident.

You can read the full 2018 SANS Endpoint Security Survey report here.

Ben Canner

Editor, Cybersecurity at Solutions Review
Ben Canner is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in English from Clark University in Worcester, MA. He previously worked as a corporate blogger and ghost writer. You can reach him via Twitter and LinkedIn.