Ponemon Institute reveals 68% of organizations were victims of successful endpoint attacks in 2019

Jan. 30, 2020
Third Annual Study on the State of Endpoint Security Risk shows 80% of successful breaches are from zero-day exploits

A new study released by Ponemon Institute finds that organizations are not making progress in reducing their endpoint security risk, especially against new and unknown threats. The Third Annual Ponemon Institute Study on the State of Endpoint Security Risk, sponsored by Morphisec, found that 68% IT security professionals say their company experienced one or more endpoint attacks that compromised data assets or IT infrastructure in 2019, an increase from 54% of respondents in 2017.

Of those incidents that were successful, 80% were new or unknown, zero-day attacks. These attacks either involved the exploitation of undisclosed vulnerabilities or the use of new malware variants that signature-based, detection solutions do not recognize. Zero-day attacks continue to increase in frequency and are expected to more than double in the coming year. These attacks are also inflicting more bottom-line business damage. The study found that the average cost per endpoint breach increased to $9M in 2019, up more than $2M since 2018.

“Corporate endpoint breaches are skyrocketing and the economic impact of each attack is also growing due to sophisticated actors bypassing enterprise antivirus solutions,” said Larry Ponemon, Chairman and Founder of Ponemon Institute. “Over half of cybersecurity professionals say their organizations are ineffective at thwarting major threats today because their endpoint security solutions are not effective at detecting advanced attacks.”

The third annual study surveyed 671 IT security professionals responsible for managing and reducing their organization’s endpoint security risk. In addition to expressing concern over zero-day threats, respondents noted increasing vulnerability during patch gaps. In fact, 40% of companies say it’s taking longer to patch, with an average patch gap of 97 days due to the number of patches and their complexity. Patch exploits will continue to be a hot-button issue in 2020 as the last remaining organizations upgrade to Windows 10 on the heels of Windows 7 end of life, and patch frequency increases.

However, the shift to Windows 10 is also ushering in new enterprise security strategies that can be effective in thwarting more advanced threats. With Windows Defender Antivirus (AV) built into the Windows 10 operating system, 80% of organizations report using or planning to use Devender AV for savings over their legacy antivirus solution. Cost savings are being reallocated towards an added layer of advanced threat protection in endpoint stacks and an increase in IT resources. Over half (51%) of cybersecurity professionals say they’ve added an extra layer of security to their antivirus solutions. Furthermore, since 2017 the number of IT departments reporting they have ample resources to minimize endpoint threats has increased from 36% to 44%.

“Combining the embedded antivirus features of Defender AV with an advanced threat protection layer from Morphisec has proven to be a powerful joint solution for improving security and simplifying IT operations,” said Andrew Homer, VP of Security Strategy at Morphisec. “Morphisec’s moving target defense morphs critical IT assets to make them inaccessible to unknown attacks and virtually patches to thwart zero-day threats, all while avoiding the complexity and false-positive fatigue that comes with more costly EDR solutions.”

The study found that half of the companies who have adopted EDR cites costly customization (55%) and false-positive alerts (60%) as significant challenges. In addition, of IT departments that haven’t adopted EDR yet, 65% say lack of confidence in the ability to prevent zero-day threats and 61% note security staffing limitations as the top reasons to avoid adoption.

  • Download the complete Study on the State of Endpoint Security Risk here.

About Ponemon Institute:

The Ponemon Institute© is dedicated to advancing responsible information and privacy management practices in business and government. To achieve this objective, the Institute conducts independent research, educates leaders from the private and public sectors, and verifies the privacy and data protection practices of organizations in a variety of industries.

About Morphisec:

Morphisec delivers an entirely new level of innovation to customers with its patented Moving Target Defense technology - placing defenders in a prevent-first posture against the most advanced threats to the enterprise, including APTs, zero-days, ransomware, evasive fileless attacks and web-borne exploits. Morphisec provides a crucial, small-footprint memory-defense layer that easily deploys into a company’s existing security infrastructure to form a simple, highly effective, cost-efficient prevention stack that is truly disruptive to today’s existing cybersecurity model.