SOURCE: Bromium


August 12, 2015 12:00 ET

Bromium Black Hat Survey: Endpoint Risk Five Times Greater Than Network or Cloud

Survey Cites Risk of Cyber Attacks on Critical Infrastructure; Issues With Flash and Security Patching Contribute to Endpoint Security Risk

CUPERTINO, CA--(Marketwired - Aug 12, 2015) - Bromium®, Inc., the pioneer of threat isolation to prevent data breaches, today announced the publication of "Black Hat 2015: State of Security," a survey of more than 100 information security professionals conducted at the Black Hat Conference 2015. The survey reveals issues with Flash and security patch management, with the majority of respondents citing the endpoint as the source of greatest risk. The report also highlights the risk of cyber attacks on critical infrastructure and an initial positive reception to Windows 10.

"One reason that the endpoint is the source of the greatest security risk is because of how difficult it is to balance security and productivity. For example, 90 percent of organizations would be more secure if they disabled Flash, but 41 percent would become less productive," said Clinton Karr, senior security strategist, Bromium. "Traditional security solutions have proven ineffective at mitigating this dilemma, putting our critical infrastructure at significant risk."

Key findings from "Black Hat 2015: State of Security" include:

  • The Endpoint Is the Source of Greatest Security Risk -- The majority of information security professionals cited the endpoint as the source of the greatest security risk (55 percent). The second most common response was insider threats (27 percent). Network (9 percent) and cloud (9 percent) were selected less frequently.
  • Security Professionals Pan Flash -- The overwhelming majority of security professionals believe their organization would be more secure if it disabled Flash (90 percent); however, 41 percent believe disabling Flash would make their organization less productive or break critical applications.
  • Implementing Security Patches Is a Challenge -- The majority of organizations implement patches for zero-day vulnerabilities in software, such as Flash and Internet browsers, in the first week (50 percent first week; 10 percent first day); however, 22 percent take more than a month to deploy.
  • Critical Infrastructure Is at Risk of Cyber Attack -- The majority of Black Hat attendees cited financial services (30 percent), energy (17 percent), healthcare (17 percent) and government (12 percent) as the verticals at the most risk of cyber attacks. Interestingly, financial services was also selected as the vertical that has implemented the best security practices (60 percent).
  • Windows 10 Improves Security, But Not Enough -- The majority of information security professionals believe Windows 10 improves security (56 percent), but many (33 percent) believe these improvements are not enough.

"Black Hat 2015: State of Security" surveyed 101 information security professionals at Black Hat Conference 2015, in Las Vegas, Nevada, August 5 and 6, 2015.

Download "Black Hat 2015: State of Security" at

About Bromium, Inc.
Bromium is re-inventing enterprise security with its powerful new technology, micro-virtualization, which was designed to protect businesses from advanced malware by design, while simultaneously empowering users and delivering real-time threat intelligence to IT. Unlike traditional security methods, which rely on complex and ineffective detection techniques, Bromium protects against malware from the Web, email or USB devices, by automatically isolating each user-task at the endpoint in a hardware-isolated micro-VM, preventing theft or damage to any enterprise resource. Bromium's technological innovations have earned the company numerous industry awards. Bromium counts a rapidly growing set of Fortune 500 companies and government agencies as customers.

Visit Bromium:
Read the Bromium blog:
Follow Bromium on Twitter:
Follow Bromium on LinkedIn:

Contact Information