Malware attacks are happening more often and are harder to detect, according to the State of the Endpoint Report from the Ponemon Institute. Of the 694 IT security administrators surveyed, the number of respondents with a strategy in place to deal with malware fell from 43% in 2015 to 38% this year.
The report found that 68% had experienced distributed denial-of-service (DDoS) attacks, where multiple systems are used to target a single system. In addition, 80% said that they believed their mobile endpoints—defined as laptops, desktops, smartphones, printers, POS machines, or ATMs—had been targets, up from 58% in 2015.
As troubling as that may sound, a bigger concern involves employees. More than 80% of respondents said the biggest threat to endpoint security was negligent or careless employees who don’t follow security policies.
“You’ve got how many different types of laptops? How many versions of Windows? How many applications for those devices? How many phone types, etc.?” asked Michael Davis, chief technology officer of the security start-up firm CounterTack in an article for InformationWeek. “IT has to struggle with all of that variation, while also trying to enforce a standard set of security protocols. And then, on top of that, they have to deal with the end user, so it’s very difficult to enforce anything, even from a purely technology perspective.”