72% of businesses experienced increase in endpoint and IoT security incidents in the past 12 months

October 6, 2020

The ongoing global pandemic that has led to massive levels of remote work and an increased use of hybrid IT systems is leading to greater insecurity and risk exposure for enterprises. According to new data released by Cybersecurity Insiders, 72% of organizations experienced an increase in endpoint and IoT security incidents in the last year, while 56% anticipate their organization will likely be compromised due to an endpoint or IoT-originated attack with the next 12 months.

The 2020 Endpoint and IoT Zero Trust Security Report sponsored by Pulse Secure and produced by Cybersecurity Insiders, examines the key issues, considerations, initiatives, and investments that enterprises are advancing for more robust Zero Trust endpoint and IoT security.

The comprehensive survey of 325 IT and cybersecurity decision makers in the US, conducted in September 2020, represented a balanced cross-section of organizations from financial services, healthcare and technology to government and energy.

Alongside headline data that the majority experienced an endpoint and IoT security incident over the last 12 months, the top 3 issues were related to malware (78%), insecure network and remote access (61%), and compromised credentials (58%). Perhaps more concerning was that over forty percent of respondents (43%) expressed “moderate to unlikely means to discover, identify, and respond to unknown, unmanaged, or insecure devices accessing network and cloud resources.”

“It is clear from this new research that the challenge of securing IoT and end-points has escalated considerably as employees have been forced to work remotely while organisations try to rapidly adapt to the situation,” said Scott Gordon, Chief Marketing Officer at Pulse Secure. “The threat is real and growing. Yet, on a positive note, the survey shows that organisations are investing in key initiatives and adopting zero trust elements such as remote access device posture checking and Network Access Control (NAC) to address some of these issues. “

The research found that 41% will implement or advance on-premise device security enforcement (NAC), 35% will advance their remote access devices posture checking, and 22% will advance their IoT device identification and monitoring capabilities.

For those that have been victim of an endpoint or IoT security issue, the most significant negative impact was a reported loss of user (55%) and IT (45%) productivity, followed by system downtime (42%).

Holger Schulze, CEO and Founder of Cybersecurity Insiders added, “The diversity of users, devices, networks, and threats continue to grow as enterprises take advantage of greater workforce mobility, workplace flexibility, and cloud computing opportunities. Not only do organizations need to ensure endpoints are secure and adhering to usage policy, but they must also manage appropriate IoT device access. New Zero Trust security controls can fortify dynamic device discovery, verification, tracking, remediation, and access enforcement.”

The full 2020 Endpoint and IoT Zero Trust Security Report is available for free download at https://www.pulsesecure.net/endpoint-IOT-securityreport/. Additional key findings include:

Respondents rated the biggest endpoint and IoT security challenges as #1 insufficient protection against the latest threats (49%), #2 high complexity of deployment and operations (47%), and #3 inability to enforce endpoint and IoT device access/usage policy (40%).

Respondents rated the most critical capabilities required to mitigate endpoint and IoT security as #1 monitoring endpoint or IoT devices for malicious or anomalous activity (54%), #2 blocking or isolating unknown or at-risk endpoint and IoT devices’ network access (51%), and #3 blocking at-risk devices’ access to network or cloud resources (46%).

When asked about anticipated investments to secure remote worker access and endpoint security technology, most organizations (61%) anticipate an increase, or significant increase, while few expect a decrease (6%).

You must login or register in order to post a comment.

ON DEMAND: DevSecOps creates an environment of shared responsibility for security, where AppSec and development teams become more collaborative. With the right training and tools, developers can become more hands-on with security and, with that upskilling, stand out among their peers... however, they need the security specialists on-side, factoring them into securing code from the start and championing this mindset across the company.

ON DEMAND: The insider threat—consisting of scores of different types of crimes and incidents—is a scourge even during the best of times. But the chaos, instability and desperation that characterize crises also catalyze both intentional and unwitting insider attacks. Learn how your workers, contractors, volunteers and partners are exploiting the dislocation caused by today's climate of Coronavirus, unemployment, disinformation and social unrest.

Security Magazine

2020 October

This month in Security magazine, we explore how Corning's global security group ensured business continuity and employee safety during the global COVID-19 pandemic. Also, we highlight the global security team at Uber and their recent security programs and initiatives. Industry experts discuss travel safety programs, career hackers, working for terrible bosses, group attribution error and more.

View More Create Account

72% of businesses experienced increase in endpoint and IoT security incidents in the past 12 months

Related Articles

Related Products

Report Abusive Comment