Web malware (47%) and ransomware (42%) top the list of security threats that organizations are most concerned about, according to a new report from cloud security company Menlo Security. Despite these growing concerns, less than a third of organizations (27%) have advanced threat protection in place on every endpoint device that can access corporate applications and resources.
The pandemic resulted in a complete shift in how people perform personal and business tasks, which has expanded attack surfaces as hybrid and remote work environments proliferated and became the norm. To facilitate this level of remote work, organizations implemented turnkey, software-as-a-service (SaaS) solutions that allowed entire employee bases to work from home. While shifting to the cloud enabled productivity and collaboration despite distributed workforces, it rendered legacy security systems ineffective against attacks than previously in on-premises office environments.
Consequently, there has been a surge in a recently identified class of cyberthreats known as Highly Evasive Adaptive Threats (HEAT), which use techniques to evade detection by multiple layers in security stacks to deliver malware or compromise credentials.
Less than three in 10 entities have advanced threat protection in place on every endpoint device used to access corporate applications and resources.As employees spend more time working in browsers and accessing SaaS applications, the risk of HEAT attacks increases; the report found that almost two-thirds of organizations (62%) had a device compromised by a browser-based attack in the last 12 months. Data suggests organizations aren’t being proactive enough in mitigating threat risks, with 45% failing to add strength to their network security stack over the past year. There are also conflicting views on the most effective place to deploy security to prevent advanced threats — 43% of respondents citing the network and 37% the cloud.
To best secure networks, leaders must modernize legacy security stacks and shift from a reactionary mindset to a preventative approach to security that is based in the zero-trust architecture and adopts the secure access service edge framework to effectively protect today’s work-from-anywhere environments.
The survey questioned 505 IT decision-makers across the United States and United Kingdom on the HEAT landscape, business responses to threats and security challenges and priorities for 2022. Interviews were conducted by Sapio Research in February 2022.
Read the full report by Menlo Security.
VentureBeat's mission is to be a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact. Learn More
