Not too long ago, International Data Corporation (IDC) released a cybersecurity study that found that “70% of successful breaches originate on the endpoint – which is any device that is physically an end point on a network, such as laptops, desktops, mobile phones, and tablets. Certainly, not all of these incidents are insider threats – phishing is still an easy way to infiltrate an organization’s network – but many of them are.
On fact, according to a recent report from Ponemon Institute’s Cost of a Data Breach Study, malicious insiders, along with hackers, are the leading cause of data breaches, with insider incidents increasing 47% in the last two years. Even more staggering is that the average cost of an insider incident – which almost always originates at an endpoint – is now at a whopping $11.45 million.
Little, if No Progress Being Made in Endpoint Security
Endpoint security tools are now 24% of all IT security spending, according to Morgan Stanley Research. However, according to Absolute’s 2019 Endpoint Security Trends Report, increasing security spending on protecting endpoints doesn’t increase an organization’s safety and, in certain cases, reduces it. Absolute’s conclusion? Organizations are spending more on cybersecurity than ever before, yet they aren’t achieving greater levels of safety and security.
That’s not all. Absolute also discovered that the more complex and layered the endpoint protection, the greater the risk of a breach. In other words, the greater the number of agents a given endpoint has, the higher the probability that endpoint is going to be breached. Absolute found that a typical device has 10 or more endpoint security agents installed, each conflicting with the other.
A 2020 study Ponemon Institute study reported similar findings and concluded that organizations are not making progress in reducing their endpoint security risk, especially against new and unknown threats. The Third Annual Ponemon Institute Study on the State of Endpoint Security Risk found that 68% of IT security professionals say their company experienced one or more endpoint attacks that compromised data assets or IT infrastructure in 2019, an increase from 54% of respondents in 2017.
Let’s Not Forget the JP Morgan Breach
To hammer home a point about the susceptibility of endpoints, remember that the 2014 JP Morgan data breach started on an endpoint – a single employee who was vulnerable to a cyberattack. This breach compromised data associated with more than 83 million accounts – 76 million households (approximately two-thirds of all households in the U.S.) and seven million small businesses.
While JP Morgan never revealed the total cost of the data breach, it did increase its cybersecurity budget to $250 million a year. What’s more, if you apply the average cost of $154 per breached record – a figure often quoted from the Ponemon Institute – to the 83 million records breached, JP Morgan’s price tag was a staggering $12.8 billion. It may even be higher, as the Ponemon study found that high-profile, mega breaches such as JP Morgan’s tend to cost even more and don’t factor in the loss of potential business.
While the JP Morgan breach occurred before the COVID-19 crisis, the recent shift of large numbers of people to remote work environments are causing cybersecurity dangers to grow exponentially – not only through increased phishing attacks, but also because of an increased use of and reliance on portable media devices.
The First Step in Endpoint Hardening
With many organizations limiting the number of in-office days, the ubiquitous nature of portable media – such as USB flash drives, smartphones, music players, SD cards, and external hard drives – has become more prevalent as employees transfer data between their office computers and home computers. The very properties that make portable devices portable and enable them to connect to various networks also make them vulnerable to network security breaches.
To protect your organization from data breach that originates on an endpoint, the IDC made six recommendations, and one in particular got our immediate attention: Harden endpoints. This makes sense, and a simple and cost-effective way to harden your endpoints is to lock down all of your organization’s open computer and network ports so that peripheral devices carried from home – which could be carrying a Petri dish of viruses – cannot be connected at the office.
The cost of this endpoint hardening tactic is minimal – especially when comparing it to the average cost of a data breach.
USB port locks, network module locks, LAN cable locks, and secure USB hubs for your attached USB devices are inexpensive devices that can prevent employees from connecting their USB flash drives, external hard drives, and anything else you can imagine to your computers and/or your network. Physically securing your perimeter is a surefire way to protect your endpoints not only from malicious insider attacks, but also from innocent and non-wary employees – such as the JP Morgan staff member who unwittingly launched the biggest bank data breach in history – who are just trying to do their jobs under the new constraints of a work-from-home society.
