Non-Traditional Endpoint Security Widely Unchecked, Contributing to Surge in Breaches

Nearly 63% of organizations manage security coverage to more than 1,000 traditional and non-traditional devices; fear of ransomware chief concern

New York, NY, October 6, 2022 – The widespread shift to work-at-home environments and the proliferation of non-traditional endpoints has had a moderate to high impact on the number of enterprise-related security breaches (41%) since 2020, according to a survey conducted by CRA Business Intelligence, the research and content arm of the cybersecurity data and insights company CyberRisk Alliance.

Non-traditional endpoints, such as mobile devices, IoT (Internet of Things), OT (Operational Technology), and even critical infrastructure — all with varying operating systems, versions, and patch levels — have made managing the inherent security risks difficult and complex.

The survey also reveals that organizations are struggling to obtain a holistic view of all the devices and their vulnerabilities, and to mitigate and fix vulnerabilities to manage risk and ensure compliance. The report, based upon the responses of 204 security and IT leaders and execu­tives, security administrators, and compliance professionals based in theUnited States, indicates that these devices pose a large attack surface and, in fact, can be the riskiest devices connected to corporate networks.

In addition to the monitoring of traditional devices like PCs and servers, a large majority (84%) of respondents reported they also monitor mobile devices on their network, with respondents reporting that their security solutions cover large volumes of both traditional and non-traditional endpoints and devices. In fact, nearly two-thirds (63%) of respondents said they are managing more than 1,000 traditional and non-traditional devices.

According to one respondent, “the most significant hurdles our organization faces in this environment are dealing with the multitude of new mobile devices and OSes being introduced at a faster pace. It makes securing them as endpoints a challenge since the accompanying security solutions tend to lag the introduction of these devices and OSes. This trend will likely only increase in the future, with ever more complex devices being developed.”

Key findings from the report:

• The impact that mobile and other non-traditional endpoints have on security is significant, with 43% indicating they are very or extremely concerned about device security in the next 12 months. The fear of ransomware and the damage it could inflict in their environments remains a top concern, as reported by about two-thirds of respondents. Other top concerns include the expanding attack surface (60%) and data leakage (49%).
• Device security strategies are advancing along with the vulnerabili­ties and security concerns that have been exacerbated by the remote workforce. Many organizations are also evolving their endpoint security strategies to confront their fear of ransomware (61%), building business resiliency (58%) and complying with regulatory requirements (55%).
• Most respondents (60%) characterize their organization’s device secu­rity program as proactive and/or automated, while only one in five said they have the most mature programs that include some level of integration with their other systems or infrastructure. Overall, less than half the respondents (42%) believe their organization’s device security strategy is either very effective or extremely effective in protecting sensitive information stored on and transmitted by traditional and non-traditional devices.
• The largest shares of respondents indicated they incorporate patch management (79%), endpoint detection and response (78%), vulner­ability management (72%), asset discovery/management (70%), and mobile device security (64%) as part of their endpoint security programs and strategies. Endpoint security strategies that include OT/ICS devices, automated remediation, and zero trust are relatively uncommon, according to survey respondents, who report low adoption rates of 28%, 29%, and 31%, respectively.
• Many organizations believe they will need to increase their budgets to provide adequate protection. While almost one in four respondents said their device security budgets will remain unchanged in the next 12 months, another 70% indicated they will likely increase their device security budgets at some level. In a few cases, respondents noted a lack of upper management support in securing their organi­zations’ devices, which translates to steep cost to these organizations if the security of non-traditional devices continues to go unchecked.

All in all, device security technology/MDM software product selection and implementation, limited budgets and resources, device policies and compliance, and upper-level manage­ment support for device management strategies and purchase are all challenges faced in pursuing effective courses of action to secure organizations from ransomware and other threats.

The full research report is available for download here.

About CyberRisk Alliance

CyberRisk Alliance (CRA) is a business intelligence company serving the high growth, rapidly evolving cybersecurity community with a diversified portfolio of services that inform, educate, build community, and inspire an efficient marketplace. Our trusted information leverages a unique network of journalists, analysts and influencers, policymakers, and practitioners. CRA’s brands include SC Media, SecurityWeekly, ChannelE2E, MSSP Alert, InfoSec World, Identiverse, Cybersecurity Collaboration Forum, its research unit CRA Business Intelligence, and the peer-to-peer CISO membership network, Cybersecurity Collaborative. Click here to learn more.