CYBERCRIMINALS ARE WINNING: EVEN SECURITY PROFESSIONALS ADMIT TO PAYING RANSOM AND BYPASSING CORPORATE SECURITY

Press Releases / CYBERCRIMINALS ARE WINNING: EVEN SECURITY PROFESSIONALS ADMIT TO PAYING RANSOM AND BYPASSING CORPORATE SECURITY

CYBERCRIMINALS ARE WINNING: EVEN SECURITY PROFESSIONALS ADMIT TO PAYING RANSOM AND BYPASSING CORPORATE SECURITY

Bromium research finds humans continue to be the biggest threat to cyber security

May 9, 2017 –

CUPERTINO, Calif. – May 9, 2017 – Bromium®, Inc., the pioneer and leader in virtualization-based enterprise security that stops advanced malware attacks, today released new research conducted at the RSA Conference (RSAC) 2017 that found security professionals admit to knowingly circumventing security protocols and hiding discovered breaches. The survey findings were so surprising that Bromium surveyed a subsequent group of security professionals in the U.S. and U.K. and the results were consistent.

Here’s what the survey found:

  • On average, 10 percent of security professionals admitted to paying a ransom or hiding a breach without alerting their team (5 percent at RSA, 15 percent in extended study). For context, there were 638 million ransomware attacks in 2016, suggesting that tens of millions of these attacks are potentially not being disclosed.
  • On average, 35 percent of security professionals admitted to going around, turning off or bypassing their corporate security settings (38 percent at RSA, 32 percent in extended study of U.S. and U.K. security professionals).

“While we expect employees to find workarounds to corporate security, we don’t expect it from the very people overseeing the operation,” said Simon Crosby, co-founder and CTO of Bromium. “Security professionals go to great lengths to protect their companies, but to learn that their decisions don’t protect the business is frankly rather shocking. To find from their own admission that security pros have actually paid ransoms or hidden breaches speaks to the human-factor in cyber security. It’s one reason we pursued virtualization-based security: it takes the burden off the end-user and ensures IT and security teams protect their business assets and data.”

When it comes to cyber security, there are really two ways to make it happen: top down with typically strict limits on end-user behavior or, distributed control with more end-user involvement. In the first case, employees are limited in what they can do which can hinder business innovation. In the latter case, employees can choose to turn off security and put the business at tremendous risk. Either way, it’s a lose-lose situation when considered through the enterprise security lens.

“With application isolation and hardware-enforced containment, I don’t have to worry about what people click on. They are free to click on anything because applications, files and web browsing sessions are isolated and therefore protected. And when they’re done with the task, if they were exposed to malware or ransomware, it goes away and they go about their day,” explains Paul Hershberger, Director, IT Global Security and Compliance, Risk and Compliance at The Mosaic Company.

View the infographic about the study and find out more about Bromium Secure Platform.

Methodology

The Bromium survey had a sample of 210 security professionals. Fieldwork was conducted through an online survey at RSAC 2017 in February 2017 with 110 respondents as well as with additional security professionals in the U.S. and U.K. in March 2017 with 100 respondents.

ABOUT BROMIUM, INC.
Bromium protects your brand, data and people using virtualization-based security via application isolation. We convert an enterprise’s largest liability – endpoints – into its best defense. By combining our patented hardware-enforced containerization to deliver application isolation and control, with a distributed Sensor Network to protect across all major threat vectors and attack types, we stop malware in its tracks. Unlike traditional security technologies, Bromium automatically isolates threats and adapts to new attacks using behavioral analysis and instantly shares threat intelligence to eliminate the impact of malware. Bromium offers defense-grade security and counts a rapidly growing set of Fortune 500 companies and government agencies as customers.

Visit Bromium: https://www.bromium.com
Follow Bromium on Twitter: https://twitter.com/bromium
Follow Bromium on LinkedIn: https://www.linkedin.com/company/bromium

 
Media Contacts
 
 
 
 
2017-05-09T16:40:07+00:00May 9th, 2017|

See Bromium in Action

Put an end to malware and attacks once and for all. Request a demo of the Bromium Secure Platform to learn how Bromium uses virtualization-based security to isolate applications and stop threats. Complete the form to request a demo.

Thank you! The information has been submitted successfully.
Share
Tweet
Share

By continuing to use the site, you agree to the use of cookies. More information

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.

Close