IT Uneasy as Malware Attacks Grow

A new study, conducted by the Ponemon Institute and commissioned by endpoint security specialist Lumension, found that 68 percent of organizations acknowledge that their networks are less secure today than they were a year ago.

The greatest threat is malware. According to the State of Endpoints 2010 study, 43 percent of the 782 respondents have seen a significant increase in malware incidents. In the past, the major threat was from viruses, but now, "IT risk is definitely shifting," said C. Edward Brice, vice president of marketing, Lumension. "Malware is up."

More than a third of the organizations surveyed reported at least 50 malware attacks every month.

To make matters worse, companies are sticking with tried and true security technologies to combat the latest security threats even though more effective technology exists.

Application Whitelisting

While 98 percent of organizations say they are using anti-virus protection, they are not implementing new technologies, such as application whitelisting, leaving them vulnerable to Zero-Day attacks via endpoint devices and third-party applications.

A Zero-Day attack occurs when a hacker takes advantage of a security hole that is unknown or undisclosed to the software developer. It is the window between when a vulnerability is discovered by a hacker and when the software developer fixes it.

The most effective way to prevent Zero-Day attacks is to implement application whitelisting, because it only allows known and safe applications access to the endpoint. According to the survey, only 29 percent of respondents use application whitelisting.

"Probably most surprising this year is that companies are doing themselves no favors by not using the technologies they themselves have identified as most effective at combating endpoint security risks and threats," said Dr. Larry Ponemon, Chairman and Founder of the Ponemon Institute.

Brice said that application whitelisting is more effective than it used to be. "We have a huge education job," he said of teaching IT professionals and executives about how important whitelisting is today and how much it has improved over the last couple of years. One way Lumension is hoping to spread the word about application whitelisting is with a new Web site called IntelligentWhiteListing.com.

"The time is now to rethink the endpoint security model and transition to a defense-in-depth approach that includes the new generation of application whitelisting technologies," Pat Clawson blogged on IntelligentWhiteListing.com. "Advances in application control and whitelisting have added new levels of flexibility through trusted change engines and whitelist management can integrate with other tools."

According to the survey, the top three challenges facing IT are preventing applications from being installed, discovering which applications have been installed, and ensuring applications are patched. One-third of all organizations allow any application to be installed on any endpoint device, while 38 percent of IT departments only allow sanctioned applications to be installed. However, they often lack the ability to enforce that policy.

Remote Users

Another growing problem for IT security pros is the increasing number of remote users. Fifty percent of respondents ranked remote users as the greatest challenge to security.


Even though the threats continue to change, network visibility remains one of the most important tools for IT. Network administrators need to be able to see what is happening on their network; if they are plodding through their day-to-day operations with a blindfold on, they will spend all of their time putting out fires. However, according to the survey, only 33 percent of respondents have the ability to discover all applications in use on the network. The problem is only being compounded by an ever-increasing number of malware attacks, the adoption of more Web-based applications, and more remote users accessing the network.

IT’s ability to mitigate risk and improve security is suffering as the number of attacks increases and network visibility decreases.

"There is a real need to put the appropriate technologies and personnel in place to best-position organizations of all sizes and in all industries for success in the ongoing battle to ward off cyber threats as we head into 2011," Ponemon said.