Security pros lack faith in endpoint protection

Organizations face increasing numbers of threats today and a high percentage of security professionals now no longer trust traditional protection solutions.

A survey by enterprise security specialist Bromium reveals that 92 percent of respondents have lost confidence in the ability of traditional endpoint protection solutions, such as antivirus and white listing, to detect unknown threats like zero-day attacks. In addition 78 percent believe antivirus software is not effective even against general cyber attacks.

End users are seen as the greatest security risk by 62 percent of respondents. In addition more than one-quarter cited emerging cloud and mobile technologies that reduce IT control, 29 percent cited cloud services and 29 percent said mobile devices are among the top sources of risk.

When asked what they thought was most effective at preventing cyber threats 58 percent of information security professionals named endpoint threat isolation. Nearly one-third said network-based solutions are effective; 28 percent have faith in intrusion detection/intrusion prevention (IDS/IPS), and 27 percent think network sandboxes are effective.

"The frequency and magnitude of high-profile data breaches is causing organizations to lose faith in detection-based solutions, such as antivirus," says Clinton Karr, senior security strategist at Bromium. "Information security professionals are turning instead to technologies that provide proactive protection, such as threat isolation, as the foundation of their security architecture".

The loss of confidence in traditional solutions means security professional are turning to other measures. Prevention, such as hardening and isolating systems, is at the root of security architecture according to 58 percent of respondents, compared to 23 percent who believe it's detection, 16 percent response, and 34 percent predictive analytics.

You can find out more about the study on Bromium's blog.

Image Credit: Sergey Nivens / Shutterstock