Bromium, the micro-virtualisation specialists from California, have just released the results of a survey conducted at RSA 2016 with some surprising results. Users take note!
Asking 100 security professionals whether users were causing them the most headaches in their work, 70% of respondents replied “yes” – a pretty conclusive answer. What’s more Bromium have completed similar surveys in previous year which have delivered the same answer, showing that something really must be done in this area.
The threat of data breaches being caused by employee error or lack of awareness has evidently not abated, despite the security sector experiencing fantastic growth in recent years and a renewed emphasis on security in the business world.
Bromium’s suvey also found that security pros still see endpoint risk as the biggest security risk – 49% of respondents said this, following on from another Bromium survey that found endpoint security risks were perceived as 5 times greater than network or cloud risk.
So why is this the case? Well endpoints are often cited as vulnerable for a few reasons – because they’re often not up to date patch-wise, so many devices connect to corporate networks with the dawn of BYOD and companies can’t control what their employees are doing on their smartphones. This list is hardly exhaustive, as there are so many reasons endpoints can become compromised.
When it comes to patching, the survey also revealed what some in the security industry would consider a gaping hole in defences – that more than a quarter of respondents took more than a month to patch zero-days. Bromium found the same at Black Hat – however there’s hope on the horizon as 50% of respondents said patches for zero-days were implemented in the first week.
To see what else Bromium found at RSA, the full results are available here: http://blogs.bromium.com/2016/03/04/rsa-conference-2016-state-of-security-survey/