• this Ponemon Institute study, sponsored by Lumension, surveyed 688 senior information and security officers to determine:
  • how effective they are in protecting their endpoints; and
  • what they perceive as the biggest obstacles to reducing risk.

• security - administrative and technical safeguards considerations:
  • current state of endpoint security in the organization:
    • non-IT executives are supportive of endpoint security operations - 41%;
    • the organization has ample resources to minimize IT endpoint risk - 35%; and
    • laptops and other mobile devices are secure and do not present a significant security risk - 26%.
  • IT's growing insecurity:
    • IT network security is not more secure than one year ago:
      • 2011 - 66%;
      • 2010 - 64%; and
      • 2009 - 59%.
  • malware incidents persist but are not the primary concern for IT:
    • the organization has experienced a malware incident:
      • 2011 - 43%; and
      • 2010 - 27%.
    • average number of malware attempts per month experienced - 50; and
    • concern for growing malware threat:
      • 2011 - 29%; and
      • 2010 - 61%.
  • growth areas for perceived IT security risks for 2012:
    • highest perceived security risks in the IT environment:
      • vulnerabilities in third-party applications:
        • 2011 - 56%; and
        • 2010 - 45%.
      • mobile/remote employees:
        • 2011 - 48%; and
        • 2010 - 9%.
    • the most effective technologies in meeting risk mitigation (in decreasing order):
      • vulnerability assessment;
      • device control; and
      • endpoint firewall.
    • likelihood of piloting or expanding application control/whitelisting technologies in the endpoint environment - 63%.
  • declining trust is using Apple Mac:
    • concern over Mac malware infections:
      • very concerned - 41%; and
      • increasingly concerned - 44%.
  • technologies tied to organizational productivity are increasing:
    • technologies being increasingly used in the organization:
      • social media/web 2.0;
      • mobile devices/smartphones; and
      • use of third-party cloud computing.
    • average percentage of employees using personal mobile devices at work - 42%; and
    • the organization has mechanisms in place to secure personal mobile devices similar to corporate devices - 46%.
  • security control technologies on the rise:
    • investment in mobile device management will increase in the next year - 46%;
    • device control for mobile devices will increase in the next year - 20%; and
    • overall IT security budget changes in the next year:
      • stay the same - 56%; and
      • will increase - 25%.
  • respondent views on security:
    • virtualized environments will increase - 52%;
    • no one department or function has responsibility for virtualization security measures - 49%;
    • 3rd party cloud computing will increase - 56%;
    • internal cloud computing will increase - 35%;
    • the organization does not have a cloud strategy - 41%; and
    • the respondent is unsure if the organization has a cloud strategy - 21%.
  • IT technologies with predicted usage increases in the next year:
    • application control/whitelisting - 56%;
    • application control firewall/gateway - 55%;
    • integrated endpoint security suite - 46%;
    • mobile device management - 45%; and
    • security event and incident management - 38%.

Source Document:

http://www.lumension.com/Media_Files/Documents/Marketing---Sales/Whitepapers/Ponemon-2012-
--State-of-the-Endpoint.aspx?LeadSourceId=L2157&utm_medium=email&utm_source=News&utm_
campaign=Prospect&utm_content=December&utm_term=2011&mgs1=bc1a6m4IDG