The annual Black Hat USA convention was recently held in Las Vegas from August 6-11, and Jamf was in attendance as a vendor. Additionally, two members of Jamf Threat Labs (JTL), Jaron Bradley, Detections Lead, and Matt Benyo, Detections Developer, were on hand to host a presentation on malware and defense titled "Leveraging the Apple ESF for Behavioral Detections."
While our intrepid JTL team wowed the crowd with their findings, the ground team got to meet and greet many security and non-security professionals alike, seizing the opportunity to perform a little recon by way of conducting a short, anonymous survey with attendees relating to the state of security within their organization.
The results both illuminate the driving role security plays in protecting assets like endpoints and sensitive data and highlight the important role of the end user when considering the preservation of their privacy and personal data.
Another important point the survey drew out was the critical need for visibility into endpoint health, the potentially risky behaviors that may lead to security issues and how enforcement of policies can minimize risk by keeping the organizational resources accessed by managed and personally owned endpoints compliant.
Note about the survey results: 81% of the respondents indicated they are part of a Security or IT team within their organization, while the remaining 19% indicated they are not part of either department. Percentages in bold represent the former and those in italics represent the latter.
C.R.E.A.M. (Cash Rules Everything Around Me)
“73% of respondents indicated they plan to maintain or increase their security spend in the next 12-24 months.”
Nearly three-quarters of the Security and IT pros felt their security budget would remain the same or increase in direct response to the criticality of security within the organization to keep endpoints, users and data safe. This finding dovetails nicely with recent trends including the migration toward remote and hybrid work environments alongside the security advancements that facilitate remote work, such as cloud-based identity management and protections against phishing attacks and mobile threat defense.
Another key takeaway related to this survey item is that, despite economic trends, security appears to be largely insulated from financial downturns, due in no small part to its critical nature. It plays an invaluable role in safeguarding sensitive data against threats while minimizing risk and helping organizations maintain endpoint compliance, which may prove far more affordable than cleaning up after a data breach or being assessed fines for violating any regulatory laws that may govern your industry.
“82% of respondents indicated that their users face phishing attacks on work devices on a regular basis.”
While this result shouldn’t really come as too much of a surprise to anyone who regularly stays on top of security-related threat trends, it’s still a large enough percentage to make all stakeholders take notice. After all, it’s the number one threat affecting information security for a reason.
Phishing is so pervasive, in fact, extending to all device types regardless of the underlying operating system, that it poses a real threat to sensitive business data across every organization and in all industries. It knows no bounds and no limitations, and it can be incredibly difficult to protect against without advanced content filtering tools; without them, organizations leave themselves open to significant risk.
“64% of users say they face phishing attacks at least once per week.”
That certainly sounds like a high percentage of attacks, but a follow-up question to consider is: how can you be certain of the percentage within your organization? Without the proper systems in place to monitor endpoints, detecting phishing attacks is little more reliable than a user submitting a ticket to IT or Security relating to the “strange email request they received”, and that’s at best. At worst, organizations do not have any way to quantify phishing attacks, where they’re coming from, what they’re after or over which communication method.
Corporate vs. BYOD
“71% of respondents indicated that work resources are available to users on unmanaged devices.”
The ability to access work resources on unmanaged endpoints (see personally owned devices) means data is not actually secured or even controlled by the organization. This represents a significant risk to the organization, with the potential to expose sensitive data at best, while potentially exposing the organization to civil and/or criminal liabilities at worst. The latter is especially crucial when considering regulated industries and the local, country and/or possibly global implications.
In the modern computing landscape, work has shifted from the traditional company office behind its network perimeter toward remote and hybrid work environments, with companies and employees favoring the flexibility to work from anywhere, at any time and from any device where they feel most comfortable and productive.
So, why choose between securing corporate devices or personal ones when you can protect them all, regardless of the ownership model? Doing so means devices meet the minimum security guidelines set forth by your organization, while corporate data security is decoupled from devices and instead protected by modern solutions such as Zero Trust Network Access (ZTNA), which conducts regular health checks on devices, ties identity to Trusted Access user authentication and leverages Multifactor Authentication (MFA) to keep data secured from unauthorized access and compromised devices.
While we mostly heard from the Security and IT pros, a majority of survey respondents from attendees outside of those two groups identified a few critical points that have a direct impact on endpoint security, such as:
- Use legacy VPN technology for work
- Use their personal phone for job-related tasks
- Are not confident their privacy is preserved on work devices
As the saying goes, “knowing is half the battle”, but knowing is simply not enough to keep endpoints secure against the plethora of current and future threats in the wild.
Implementing the proper solutions helps to:
- Identify and prevent access to websites used in 0-day phishing campaigns
- Monitor and mitigate risk from malware and suspicious software
- Perform behavioral analysis and machine learning (ML) for hunting unknown threats and risky behaviors
- Manage endpoint configurations while keeping up to date on OS and app patches
- Provision centralized, cloud-based identity, access permissions and authentication
- Secure remote access connections for modern computing devices and environments
- Integrate layered solutions into a comprehensive security paradigm that doesn’t impact the user experience or their productivity
All while ensuring that data is protected and privacy is preserved through a defense in depth security plan spanning any Apple device being used from anywhere, over any network connection and at any time for a truly holistic, Apple-focused solution.
Jamf has your six. Contact us to learn about Jamf’s security solutions.