Many organizations were uncertain about their ability to detect a cyber attack, as almost half of those surveyed (49%) said they did not even know if they had been compromised. Highlighting the problem of blind spots on enterprise endpoints, 61% of respondents rated their ability to detect suspicious behavior in advance of an attack as no better than average.
In organizations that use point-of-sale (POS) systems to process credit card payments, 70% admitted they had no way of knowing if their systems had been targeted. And only 20% were able to say with confidence that their POS systems had not been targeted by cyber attack. Among POS users, only half (52%) were confident or very confident that their current security solution would be able to stop advanced threats or targeted attacks against their systems.
“Visibility is critical for effective security, yet these results show that far too many organizations don’t know what’s happening on their endpoints”, said Ben Johnson, Chief Evangelist for Bit9 + Carbon Black. “You can’t stop advanced threats and targeted attacks if you can’t see what’s happening. Prevention, detection and response are built on the ability to see all activity on every endpoint and server”.
Other findings include:
- End-user machines, i.e., laptops and desktops, were cited as being most vulnerable to cyber attack (41%), demonstrating the need for organizations to ensure they can continuously monitor and record activity across all endpoints.
- 74% of respondents still had systems running on Windows XP, even though the OS has now reached end of life. And only 29% of that group had plans to put a new OS in place.
- When asked about the impact of an attack on their organization, respondents worried most about system downtime (77%), data compromise/loss (68%) and damage to their corporate brand (52%). 50% admitted that a cyber attack would impact them financially.
- Looking at the source of possible cyber-attacks, 61% of respondents cited disgruntled employees as being one of the top three most likely attackers—exceeded only by Anonymous or other hacktivists (86%) and cyber criminals (77%). These figures reflect the need to actively enforce security policies for internal staff and systems in addition to securing systems—and the important data on them—against outsider attacks.