Machine learning for endpoint protection is becoming increasingly important to organizations around the globe, according to a survey of 300 IT and information security professionals conducted by artificial intelligence-based threat protection solutions provider Cylance and research firm Enterprise Strategy Group (ESG).
The Cylance-ESG "Top-of-Mind Threats and Their Impact on Endpoint Security Decisions" survey revealed 47 percent of respondents have deployed machine learning for endpoint security, and 23 percent are currently testing the technology.
Also, 32 percent of respondents said they believe machine learning is detecting new and unknown malware that evades other endpoint security solutions, and 25 percent are deploying the technology to increase productivity, the survey indicated.
Machine learning, i.e. the use of systems that can automatically improve with experience, could play an important role in the cybersecurity space in the foreseeable future. However, many cybersecurity professionals do not understand machine learning technologies and their potential impact.
In fact, a recent study of 412 cybersecurity professionals conducted by ESG showed that only 30 percent of respondents said they are very knowledgeable about machine learning and AI, and 12 percent said their organization has deployed these technologies extensively.
Ransomware Represents a Top Concern for Organizations
In addition to highlighting the impact of machine learning for endpoint protection, the Cylance-ESG survey offered several insights into the global cyber threat landscape, and these included:
- Ransomware is a top concern for organizations. Forty-six percent of respondents said their organization has experienced a ransomware attack in the past 12 months. Among these respondents, 60 percent said their organization has experienced a recurrence of the same ransomware. (Ironically, the Bad Rabbit ransomware outbreak is surfacing now.)
- Unknown malware strains are becoming more prevalent than ever before. Twenty-nine percent of respondents ranked unknown malware as the top attack vector, and 44 percent said it represents the greatest risk to their organization's endpoints.
- Endpoint attacks have far-flung effects on organizations. Thirty-two percent of respondents named interruptions to standard business operations as the top impact of compromised endpoints, followed by impeding the productivity of knowledge workers (31 percent) and causing delays to other IT projects (28 percent).
- Organizations are worried about cybercriminal activities. Ninety percent of respondents said they are concerned or extremely concerned about the threats posed by cybercriminals, followed by the threats associated with nation-states (82 percent), hacktivists (79 percent) and insiders (78 percent).
IT and information security professionals often focus on finding immediate solutions to endpoint attacks, according to the study. Yet machine learning enables these professionals to implement a "defense-in-depth endpoint security strategy," the study indicated, that can help organizations quickly identify and address endpoint weaknesses.