Check Point® Software Technologies Ltd. (NASDAQ: CHKP) today published findings from two research projects, the Check Point 2016 Security Report and Exploits at the Endpoint: SANS 2016 Threat Landscape Study, revealing critical challenges and key recommendations for IT leaders, as businesses continue to build-up protections against evolving cyber threats.
In the company’s fourth annual Security Report, Check Point researchers analyzed the activity of more than 31,000 Check Point gateways worldwide, revealing details on what enterprises are encountering in known and unknown malware, attack trends, and the impact of more mobile devices in the enterprise. Additionally, researchers were able to measure the impact successful breaches have had on organizations, and the added expenses that go beyond remediation costs.
In the recent SANS 2016 Threat Landscape Study, conducted in partnership with security education and research group SANS Institute, researchers surveyed more than 300 IT and security professionals across the globe to uncover the threats organizations encounter in the real world; when and how they become incidents; which types of threats had the biggest impact; and the greatest challenges enterprises face in protecting themselves.
“With billions of new connections formed every minute, the world is more globally linked than ever. Innovations like cloud, mobility and IoT are changing the way we deploy, the way we consume, and the way we secure technology,” said Amnon Bar-Lev, president, Check Point. “More and more malware is being put into our ecosystem that traditional security techniques are powerless to prevent. Given this, staying a leader requires being one step ahead of things you cannot see, know or control – and preventing attacks before they happen.”
Both the Check Point Security Report and SANS 2016 Threat Landscape Study present a comprehensive view of the entire threat landscape – from the network to the endpoint – offering key findings including:
- Unknown malware continues its exponential and evolutionary growth. Researchers found a 9x increase in the amount of unknown malware plaguing businesses. This was fueled by the employees, who downloaded a new unknown malware every four seconds. In total, there were nearly 12 million new malware variants discovered every month, with more new malware discovered in the past two years than the previous decade.
- Security is lagging behind the speedy, on-the-go mobile device. With smartphones and tablets accounting for 60 percent of digital media time spent, businesses’ mobile devices present both an access curse and a business productivity blessing. While employees do not want to be the cause of a company network breach, 1-in-5 will cause one through either mobile malware or malicious Wi-Fi.
- Endpoints represent the starting points for most threats. Among the businesses surveyed, endpoints were the most common cause of breaches and the most critical component in cyber defenses, with attackers leveraging email in 75 percent of cases. Also, 39 percent of endpoint attacks bypassed the network gateway firewalls, and routine operations uncovered 85 percent of threats after they had already gotten inside the enterprise.
Both reports conclude forward-looking security starts with having a best-of-breed architecture in order to address the current and future complexities of securing IT. Researchers found a common theme of advanced threat prevention, mobile device protection and segmenting a network all critical components for the modern enterprise.
To read the full 2016 Check Point Security Report, visit: http://www.checkpoint.com/securityreport/; and to read the full results of Exploits at the Endpoint: SANS 2016 Threat Landscape Survey, visit: https://www.checkpoint.com/webinars/sans-2016-threat-landscape-study/.
Follow Check Point via:
Check Point Blog: http://blog.checkpoint.com/
About SANS Institute
The SANS Institute was established in 1989 as a cooperative research and education organization, teaching over 50 different courses at more than 200 live cyber security training events as well as online. GIAC, an affiliate of the SANS Institute, validates employee qualifications via 30 hands-on, technical certifications in information security. The SANS Technology Institute, a regionally accredited independent subsidiary, offers master’s degrees in cyber security. (www.SANS.org)