The ongoing global pandemic
that has led to massive levels of remote work and an increased use of hybrid IT
systems is leading to greater insecurity and risk exposure for enterprises.
According to new data today released by Cybersecurity Insiders, 72% of
organizations experienced an increase in endpoint and IoT security incidents in
the last year, while 56% anticipate their organization will likely be
compromised due to an endpoint or IoT-originated attack with the next 12 months.
The 2020 Endpoint and IoT Zero Trust Security Report
sponsored by Pulse Secure and produced by Cybersecurity Insiders, examines the
key issues, considerations, initiatives, and investments that enterprises are
advancing for more robust Zero Trust endpoint and IoT security.
The comprehensive survey of 325 IT and cybersecurity
decision makers in the US, conducted in September 2020, represented a balanced
cross-section of organizations from financial services, healthcare and
technology to government and energy.
Alongside headline data that the majority experienced an
endpoint and IoT security incident over the last 12 months, the top 3 issues
were related to malware (78%), insecure network and remote access (61%), and
compromised credentials (58%). Perhaps more concerning was that over forty
percent of respondents (43%) expressed "moderate to unlikely means to discover,
identify, and respond to unknown, unmanaged, or insecure devices accessing
network and cloud resources."
"It is clear from this new research that the challenge of
securing IoT and end-points has escalated considerably as employees have been
forced to work remotely while organizations try to rapidly adapt to the
situation," said Scott Gordon, Chief Marketing Officer at Pulse Secure. "The
threat is real and growing. Yet, on a positive note, the survey shows that
organizations are investing in key initiatives and adopting zero trust elements
such as remote access device posture checking and Network Access Control (NAC)
to address some of these issues."
The research found that 41%
will implement or advance on-premise device security enforcement (NAC), 35%
will advance their remote access devices posture checking, and 22% will advance
their IoT device identification and monitoring capabilities.
For those that have been
victim of an endpoint or IoT security issue, the most significant negative
impact was a reported loss of user (55%) and IT (45%) productivity, followed by
system downtime (42%).
Holger Schulze, CEO and
Founder of Cybersecurity Insiders added, "The diversity of users, devices,
networks, and threats continue to grow as enterprises take advantage of greater
workforce mobility, workplace flexibility, and cloud computing opportunities.
Not only do organizations need to ensure endpoints are secure and adhering to
usage policy, but they must also manage appropriate IoT device access. New Zero
Trust security controls can fortify dynamic device discovery, verification,
tracking, remediation, and access enforcement."
The full 2020 Endpoint and
IoT Zero Trust Security Report is available for free download at https://www.pulsesecure.net/endpoint-IOT-securityreport/.
Additional key findings include:
- Respondents
rated the biggest endpoint and IoT security challenges as #1 insufficient
protection against the latest threats (49%), #2 high complexity of
deployment and operations (47%), and #3 inability to enforce endpoint and
IoT device access/usage policy (40%).
- Respondents
rated the most critical capabilities required to mitigate endpoint and IoT
security as #1 monitoring endpoint or IoT devices for malicious or
anomalous activity (54%), #2 blocking or isolating unknown or at-risk
endpoint and IoT devices' network access (51%), and #3 blocking at-risk
devices' access to network or cloud resources (46%).
- When
asked about anticipated investments to secure remote worker access and
endpoint security technology, most organizations (61%) anticipate an
increase, or significant increase, while few expect a decrease (6%).