- Endpoint and IoT security incidents have escalated in the past 12 months as employees have been forced to work remotely
- The top 3 issues cited by IT decision-makers are malware (78%), insecure network and remote access (61%), and compromised credentials (58%)
- Respondents cite failure to discover, identify and respond to unknown, unmanaged or insecure devices accessing network and cloud resources
- The most critical capability required to mitigate security incidents is monitoring endpoint or IoT devices for malicious or anomalous activity
As employees everywhere have been forced to work remotely this year, the challenge of securing Internet of Things (IoT) applications and endpoints has escalated dramatically, research shows.
Over two-thirds of businesses have suffered an increase in endpoint and IoT security incidents in the past 12 months, with cybersecurity experts citing malware, insecure networks, and remote access as their top concerns.
A survey by Cybersecurity Insiders (sponsored by Pulse Secure) of 325 IT and cybersecurity decision-makers in the US shows that the majority of organizations experienced an endpoint security incident over the last 12 months. Malware was the most common incident, cited by 78%, followed by insecure network and remote access at 61%, and compromised credentials, cited by 58%.
Around half of respondents said the negative impact of an endpoint/IoT cyber-incident was felt mostly as hampered productivity, followed by system downtime.
Over 40% of respondents expressed “moderate to unlikely means to discover, identify, and respond to unknown, unmanaged, or insecure devices accessing network and cloud resources.”
Respondents rated the biggest endpoint and IoT security challenges as:
- #1 insufficient protection against the latest threats (49%)
- #2 high complexity of deployment and operations (47%)
- #3 inability to enforce endpoint and IoT device access/usage policy (40%)
Decision-makers surveyed named the following as the top critical capabilities required to mitigate endpoint and IoT security incidents:
- #1 monitoring endpoint or IoT devices for malicious or anomalous activity (54%)
- #2 blocking or isolating unknown or at-risk endpoint and IoT devices’ network access (51%)
- #3 blocking at-risk devices’ access to network or cloud resources (46%)
Bitdefender addresses this problem with its Network Traffic Security Analytics offering. NTSA’s breach-detection capabilities extend to every endpoint in the enterprise network. By focusing on endpoints' network behavior, it can protect devices with limited or no built-in security capabilities and no endpoint security agent running on top.
Using network traffic as its source of information, NTSA detects threats immediately as endpoints deviate from normal behavior, whether due to an external source or an internal malicious attack.
Detection is also effective against generic threats, advanced persistent threats, and threats never seen before. Incident alerts are automatically correlated and triaged for greater efficacy in security operations and improved incident investigation. The integration with Bitdefender GravityZone enables autonomous responses to remediate security incidents quickly.