Enterprises gain an 'F' grade in protecting themselves against cybercrime

Summary: According to new research, the majority of enterprises gain an "F" grade in security.

Credit: CNET

In light of the growing number of sophisticated cyberattacks, are enterprise systems up to the challenge of defending themselves?

According to an Enterprise Strategy Group (ESG) research study released by security firm Malwarebytes, enterprises are responding to the emergence of more sophisticated malware -- and although adding strategic security layers is now often a priority, many businesses are still ill-equipped to protect systems.

Based on a survey of 315 North American-based IT security professionals working for enterprises -- corporations with 1,000 employees or more -- the researchers at ESG found that the majority of respondents have seen an uptick in more sophisticated, targeted attacks over the past two years. However, most of the survey respondents said endpoint security software is not effective for detecting zero-day malware, as well as polymorphic variations -- including trojans and evolving types of threats.

As a result, enterprises believe they are left exposed to attacks on their systems.

"As cyber-attacks become more sophisticated, IT security professionals are realizing that relying on only one layer of endpoint security isn't enough. Each endpoint needs multiple layers of malware detection to ensure complete protection," said Marcin Kleczynski, CEO of Malwarebytes. "The reality is, most anti-virus products will miss nine out of ten zero-day malware threats, and having a layered approach blocks advanced threats that traditional antivirus scanners may fail to detect."

The study also found that human error is the most likely avenue for malware to infiltrate a system. A lack of technological understanding and falling for phishing attacks -- such as the latest Apple Dev Center campaign -- are likely to allow intrusion.

Some of the study highlights include:

  • 29 percent of respondent organizations that have suffered a successful malware attack believe social networks are a main cause of those attacks.
  • 57 percent of respondents take hours to detect a system compromised by malware, and 19 percent take days.
  • 74 percent of enterprises have increased their security budget over the past 24 months.
  • 62 percent of IT professionals believe their host-based security software is not effective for detecting zero-day and polymorphic threats.
  • 85 percent of IT security professionals are concerned that a massive cyber-attack could impact critical infrastructure, the economy, and national security. In addition, 66 percent believe that the U.S. government is not doing enough to protect the private sector.

Topics: Security, Enterprise 2.0, Malware

About

Charlie Osborne, a medical anthropologist who studied at the University of Kent, UK, is a journalist, freelance photographer and former teacher. She has spent years travelling and working across Europe and the Middle East as a teacher, and has been involved in the running of businesses ranging from media and events to B2B sales.
