Two-thirds of security professionals believe their existing endpoint protection tools cannot defend their organization from a significant malware attack, according to a recent survey.

In its report, “The State of Endpoint Security in Addressing Malware and Other Modern Cyber Threats,” Minerva Labs surveyed approximately 600 security professionals, of which three-quarters said their endpoint protection solutions could prevent only 70 percent of malware infections.

Malware Keeping Pace With Endpoint Security Evolution

Even though vendors are constantly trying to improve their products and services, those defending corporate networks don’t expect the situation to improve anytime soon. In fact, 75 percent of survey respondents said they believe the rate of malware infections either stayed the same or got worse over the past year.

Ironically, the report suggested that the powerful new features being added to many endpoint security solutions are driving cybercriminals to step up the sophistication of the malware they create. That could explain why 42 percent of security professionals cited analysis evasion as their top concern, followed by fileless malware (24 percent).

When malware strikes, more than a quarter of respondents said it can take days or weeks to restore their systems to a normal state. Only 41 percent said this can be done in a matter of hours. That could leave plenty of time for cybercriminals to steal data, disrupt business operations or cause all kinds of damage.

Security Professionals’ Endpoint Protection Wish List

Chief information security officers (CISOs) and their teams have a long wish list when it comes to security tools. Thirty-nine percent said they want antimalware products that work well without consuming a lot of system resources, and 29 percent are in the market for tools that are easier to deploy and upgrade.

Finally, given the high priority on digital transformation and other IT initiatives, 17 percent of survey participants hope to invest in endpoint security technologies that don’t interfere with other business applications.

While 31 percent of survey participants said they would consider replacing their current endpoint security tools with different products, more than half said they would prefer to invest in additional layers of technology to close whatever gaps are leaving them vulnerable to a malware attack. The report’s authors suggested that this could help organizations get around the costs and potential risks of switching the products they use.

More from

More School Closings Coast-to-Coast Due to Ransomware

Instead of snow days, students now get cyber days off. Cyberattacks are affecting school districts of all sizes from coast-to-coast. Some schools even completely shut down due to the attacks. The federal government recently warned that K-12 schools face a growing threat from cyber groups. According to the FBI, school districts often have limited cybersecurity protections, which makes them even more vulnerable. The FBI also says it anticipates the number of threats to increase. In a recent warning, the nation’s…

The Role of Human Resources in Cybersecurity

The human resources (HR) department is an integral part of an organization. They work with all departments with a wider reach than even IT. As a highly visible department, HR can support and improve an organization’s security posture through employee training. Their access to employees at the start of employment is an opportunity to lay a foundation for a culture of risk awareness. HR departments do not typically include cybersecurity risk awareness training with new hire onboarding, but it’s something…

New Attack Targets Online Customer Service Channels

An unknown attacker group is targeting customer service agents at gambling and gaming companies with a new malware effort. Known as IceBreaker, the code is capable of stealing passwords and cookies, exfiltrating files, taking screenshots and running custom VBS scripts. While these are fairly standard functions, what sets IceBreaker apart is its infection vector. Malicious actors are leveraging the helpful nature of customer service agents to deliver their payload and drive the infection process. Here’s a look at how IceBreaker…

Operational Technology: The evolving threats that might shift regulatory policy

Listen to this podcast on Apple Podcasts, Spotify or wherever you find your favorite audio content. Attacks on Operational Technology (OT) and Industrial Control Systems (ICS) grabbed the headlines more often in 2022 — a direct result of Russia’s invasion of Ukraine sparking a growing willingness on behalf of criminals to target the ICS of critical infrastructure. Conversations about what could happen if these kinds of systems were compromised were once relegated to “what ifs” and disaster movie scripts. But those days are…