5 headaches providers face from endpoint security

New fileless attacks take advantage of gaps in existing defenses that leave mobile devices and other computers vulnerable.


5 headaches providers face from endpoint security

Data security attacks on the nation’s healthcare systems continue to evolve, and organizations are struggling to secure their endpoints—the mobile devices, laptops, desktops and servers—that connect to a provider’s core network. Providers are trying new tools to prevent what are known as “fileless” attacks, which exploit gaps in traditional endpoint security. However, current solutions aren’t stopping the attacks, according to data security firm Ponemon Institute in a new report based on results of a survey of 665 IT security professionals. The survey was sponsored by Barkly, a vendor of endpoint protection platforms. Here are key findings.



Protection gaps

A fileless attack avoids downloading malicious executable files by using exploits, macros, scripts or legitimate system tools instead. Rather than installing malicious files that antivirus software can scan and block, these attacks use exploits that run malicious code or launch scripts from memory, infecting endpoints without leaving evidence behind.

Only 36 percent of security pros say their organization has the resources to minimize fileless attacks, despite 69 percent reporting that endpoint security risks have significantly increased. Only three in 10 respondents believe traditional protections such as antivirus programs, which rely on file scanning and signature matching, provide protection to stop serious attacks from new and unknown threats.



Growing threat

IT professionals responding to the survey estimate that 29 percent of attacks their organizations faced in 2017 were fileless attacks, up 20 percent from the previous year, and they expect the attacks to comprise 35 percent of all attacks in 2018. That’s because fileless attacks work, according to more than half of respondents, who report that on average they stop only 54 percent of attacks on their endpoints.



Hardening defenses

In the past year, 28 percent of respondent organizations invested in additional solutions for detection and response protection, and 22 percent added next-generation endpoint protection. Some 19 percent replaced their antivirus software with another vendor’s solution, 17 percent made no changes to their endpoint protection strategy, and 14 percent replaced their antivirus with a next-generation antivirus and endpoint protection solution.



Growing costs

Endpoint security risk is becoming more difficult and costly to manage, survey respondents told Ponemon. Their organizations have an average of seven different software products installed on their endpoints to support IT management and security. For nearly half of respondents, a big problem is the high number of false positives and IT security alerts they have to respond to, which is time-consuming and costly. More than half say their solutions are not providing adequate protection against newer attacks. For organizations that had attacks get through their security, the cost of the attack is more than $5 million in downtime, damages and loss of productivity.



Ransomware’s effects

Ponemon also asked providers about their concerns of ransomware and found that 43 percent had experienced one or more such attacks in the past year. Some 65 percent of those with an attack paid an average ransom of $3,675.



In conclusion

Ponemon concludes that organizations can clearly benefit from using endpoint security solutions to block new threats such as fileless attacks, which have become more pervasive. However, to restore faith in the effectiveness of end-point security, new solutions are needed to address fileless attacks without adding unnecessary complexity to endpoint management.



More for you

Loading data for hdm_tax_topic #care-team-experience...