IT security pros see the growing number of flaws in web browsers as their biggest endpoint security challenge, according to recent research from Malwarebytes.
In a survey of 685 IT decision-makers conducted by Lawless Research, LLC, 72 percent of respondents said the rising number of exploitable vulnerabilities made security difficult, particularly in companies with 1,000 or more endpoints.
A wide majority of companies — 82 percent — have been the victim of at least one online attack in the past year, reflecting what Malwarebytes called a “worrying trend” — the average company experienced three attacks. And, help desks and employee productivity took major hits as a result.
Also reflecting a growing sentiment in the security industry, 84 percent of survey respondents said that traditional anti-virus falls short in the face of modern threats. As a result, it appears that those with dominion over security budgets are mulling or adopting a layered approach — 76 percent of the businesses in the survey will deploy multiple endpoint solutions in 2015.
Adam Kujawa, head of Malware Intelligence at Malwarebytes, told SCMagazine.com in an email correspondence that the traditional anti-virus approach — detect only what has been seen — “was still mostly effective” five to ten years ago since one type of malware would emerge, “then spread through the internet.”
Once it had been seen “then you're likely to see the same thing somewhere else,” he said. “This made the job relatively easy.”
Not so today as amateur malware developers have given way to “software development firms running in the cybercrime underground.”
They have a production methodology and a release cycle and once the malware is detected, “it's only a short time before a new variant is pushed out that evades detection,” Kujawa explained.
Infecting systems has also become easier with users becoming victims, “simply by surfing your favorite sites unprotected.”