Among findings in the new Ponemon report 2018 State of Endpoint Security Risk report: 64% of enterprises have been compromised in the past 12 months by attacks, the cost of a successful cyber-attack increased 42% year/year, and organizations are now 4x more likely to be hit with a zero-day attack bypassing existing defenses compared to traditional attack methods such as a fileless attack. In response, an expert with Virsec offers perspective on these findings.
Satya Gupta, CTO and Co-founder at Virsec:
“It’s not surprising that fileless attacks are on the rise, because they work. What is worrisome is how slow many organizations been to respond to these new tactics and adjust their security strategies. We’re still stuck in a mindset of guarding the perimeter and stopping what’s been seen before. And few people want to admit that security-by-patching doesn’t come close to keeping up.
“What this report doesn’t highlight is that not all endpoints are equal. Protecting user devices is important, but the greatest risk to organizations lies in not adequately protecting their business-critical applications. For advanced attacks the battleground is within runtime application memory, where fileless attacks can manipulate legitimate processes in ways that are difficult to detect. Our focus needs to shift away from endlessly chasing external threats to ensuring that our applications have guardrails to ensure they execute properly.”
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.