nfosec Professionals Don't Trust Endpoint Security 21 June 2014 End users are the cybersecurity staff's worst nightmare. When it comes to endpoint protection, the overwhelming majority of information security professionals believe that their existing security solutions are unable to prevent all endpoint infections, and that anti-virus solutions are ineffective against advanced targeted attacks. Overall, end-users are their biggest security concern. In a recent survey from Bromium, nearly 85% of respondents believe that their existing security technology is unable to prevent endpoint infections. Despite the proliferation of layered security solutions, attacks continue to exploit common vulnerabilities in operating systems, applications, browsers and plug-ins. “The reality today is that existing endpoint protection, such as AV, is ineffective because it is based on an old-fashioned model of detecting and fixing attacks after they occur,” said Rahul Kashyap, chief security architect at Bromium, in a statement. “Sophisticated malware can easily evade detection to compromise endpoints, enabling cybercriminals to launch additional attacks that penetrate deeper into sensitive systems. Security professionals should explore a new paradigm of isolation-based protection to prevent these attacks.” When it comes to AV specifically, nearly 85% of respondents believe that anti-virus solutions are unable to protect against advanced targeted attacks. That’s because sophisticated malware is designed and tested to ensure it evades current security technologies, such as signature-based detection and behavioral analysis. End-users, meanwhile, are a weak link – nearly 75% of respondents believe that end-users are responsible for their biggest security headaches. End-users become infected by drive-by downloads, malicious URLs and email attachments, impacting productivity as security teams work to resolve compromises or restrict access. “Despite the challenge in protecting end-users, it is encouraging so many security professionals are aware of the shortcomings of existing technology,” added Kashyap. “The recognition that the status quo is broken is the first step toward changing it for the better.” Additional results from the survey found two-thirds (65%) of information security professionals are looking for endpoint protection that can stop both known and unknown threats. Further, three-quarters (75%) stated they would sleep better at night knowing a user could click on anything at any time without risk of infection. This article is featured in: Industry News • Malware and Hardware Security • Wireless and Mobile Security