Bromium, Inc., the pioneer of threat isolation to prevent data breaches, conducted a survey at this year’s Infosecurity Europe, where more than 125 information security professionals were asked about the greatest risks facing organisations today and the effectiveness of different solutions and architectures.
The results show that while concern for end-user risk persists, confidence is waning in traditional detection-based security solutions, such as antivirus and firewalls. Instead, interest is shifting toward prevention-based security solutions, such as endpoint threat isolation.
“The frequency and magnitude of high-profile data breaches is causing organisations to lose faith in detection-based solutions, such as antivirus,” said Clinton Karr, senior security strategist at Bromium. “Information security professionals are turning instead to technologies that provide proactive protection, such as threat isolation, as the foundation of their security architecture.”
Highlights from the “Enterprise Security Confidence Report” include:
- Less Confidence in Legacy Detection Solutions – An overwhelming majority of respondents (92 per cent) said they have lost confidence in the ability of traditional endpoint protection solutions, such as antivirus and white listing, to detect unknown threats like zero-day attacks. Additionally, 78 per cent believe antivirus is not effective against general cyber attacks.
- Endpoint Threat Isolation is Most Effective – When asked to select from a list of security solutions, information security professionals said they consider endpoint threat isolation the most effective solution at preventing cyber threats (58 per cent). Nearly one-third said network-based solutions are effective; 28 per cent have faith in intrusion detection/intrusion prevention (IDS/IPS); and 27 per cent think network sandboxes are effective.
- End Users Source of Greatest Risk – Nearly two-thirds of respondents (62 per cent) believe that users are one of the greatest sources of security risk. Additionally, more than one-quarter cited emerging cloud and mobile technologies that reduce IT control; 29 per cent cited cloud services; and 29 per cent said mobile devices among the top sources of risk.
- Prevention is Foundation of Security – A majority of respondents (58 per cent) believe that prevention, such as hardening and isolating systems, is the most foundational aspect of security architecture, compared to 23 per cent who cited detection, 16 per cent who cited response (investigation/remediation), and 34 per cent who said predictive analytics.
According to Gartner analysts Neil MacDonald and Peter Firstbrook, in “Designing an Adaptive Security Architecture for Protection From Advanced Attacks,” published 12 February, 2014, “Harden and isolate systems: We believe the foundation of any information security protection architecture should start by reducing the surface area of attack by using a combination of techniques. These techniques limit a hacker’s ability to reach systems, find vulnerabilities to target and get malware to execute.”
Bromium micro-virtualisation isolates threats, reducing the attack surface to eliminate data breaches. Bromium vSentry™ automatically isolates each vulnerable user task, such as visiting a website, opening a document or accessing a USB drive.
Malware entering a micro-VM cannot modify the operating system or gain access to local or enterprise data or network infrastructure. Bromium LAVA™ provides real-time security intelligence without false positives, enabling security teams to quickly analyse and respond to threats.
The post 92 per cent of infosec professionals have totally lost confidence in antivirus appeared first on IT SECURITY GURU.