Your Cyber Risk Doubled in 2018

In a recent SANS Survey of IT Professionals who voiced concerns about endpoint security, several alarming patterns emerged, all pointing to continued escalation of risk to organizations of every size.

Devices Everywhere

Organizations are increasingly deploying a greater number and wider variety of connected devices.  This list includes:  desktop computers, employer-owned laptops, network devices and servers, mobile devices, even cloud-based systems, Internet of Things (IoT) devices, mobile and network devices, and wearables.

The variety of connected devices is challenging the “standard remediation model.”  In addition, the BYOD or Bring Your Own Device policy, which allows employees to connect their personal devices to corporate networks adds a greater level of uncertainty and lack of control for IT teams.  Leveraging tools such as ‘automatic updates,’   Windows Server Update Services, and even many patching services fails to address the range of devices and the complexity of a hyper-connected environment.

As the number of devices has grown, knowledge about who is using what systems has diminished.  According to this survey, only 34% of respondents could consistently connect users to systems.  This is a key finding since not knowing who is using your systems and when, adds another significant level of complexity to identifying anomalous behavior.

Detection Methods

Of the infections identified in 2018, 47% were caught by antivirus. Yet detection technologies that look at user and system behavior or provide context awareness were much less involved in detecting breaches. “Only 23% of respondents’ compromises were detected through attach behavior modeling and only 11% of compromises with behavior analytics. Because user and machine behaviors are the cause of most endpoint breaches, these technologies are critical for endpoint detection and response.”¹

Even more concerning is that 84% of endpoint breaches included more than the endpoints. While the majority of attacks started on the endpoints, the breach then spread to the servers.

The inability for most organizations to detect breaches is complicated by many factors: the number and variety of devices, the legacy solutions and processes used to remediate vulnerabilities, the limited skill sets of IT staffs in general, the lack of information about the user of the network resources and the resulting inability to understand normal versus anomalous behavior. Given these compounding issues, it is not surprising that the number of “those who didn’t know whether they’d been breached” doubled, rising from 10% to 20%.


Successful cyber risk management starts with understanding your weaknesses, and offering full coverage of your assets.  Leveraging a team that is certified, experienced and trained on the solutions being deployed and is always monitoring your network is critical to achieving optimal results (effective risk mitigation).

Since most organization operate with a limited IT budget, effective risk mitigation is simply out of reach.  They lack the resources to pay for effective tools, training for those tools, training for effective response and enticing salaries and benefits to attract and retain qualified talent.  Given these challenges, it is no surprise that the number of organizations unable to recognize an active breach has doubled in the past year.

Fiscally prudent organizations have realized that outsourcing security services to a qualified provider is the most financially efficient way to achieve effective cyber risk mitigation.  If you would like to discuss your risk and how to optimize your results, please contact us below to schedule a meeting with one of our advisors.

CALL US: (877) 486-8056 EMAIL US

¹Endpoint Protection and Response: A SANS Survey,” June 2018

Corsica Technologies
Corsica provides personalized service and a virtual CIO (vCIO) who serves as a strategic advisor. When it comes to the complex integration of solutions for IT and cybersecurity, the whole is greater than the sum of its parts. We offer cybersecurity solutions, managed services, digital transformation, resale services, and one-off technology projects. Corsica unifies any combination of these services into a complete, seamless solution.

Related Reads

MDM vs. MAM: Which one is right for you? - Corsica Technologies

MDM vs. MAM: Which One Is Right For You?

How should you handle mobile devices that have access to company data and systems? This is a crucial question for today’s on-the-go, hybrid workforce. Maybe you give your team company-owned mobile devices. Or perhaps your employees find it more convenient

Read more
Managed Network Services - Everything You Need to Know - Corsica Technologies

Managed Network Services: Everything You Need To Know

For overworked IT teams, managed network services are a lifesaver. Rather than monitoring network logs, troubleshooting switches, and working overtime to mitigate vulnerabilities, you can engage a trusted partner to manage your network for you. But not all providers are

Read more

Sign Up For Our Newsletter

Stay up-to-date on the Managed Services and Cybersecurity landscape, and be the first to find out about events and special offers.