Duo Security is a provider of secure login/access tools, and they just released their yearly Trusted Access Report with some very interesting data.
Here Is The Summary
Stats gathered from over 11 million enterprise users reveal that Windows 10 market share is quickly growing, and Win7 is being ditched rapidly. What surprised the Duo researchers was the sudden decline in Windows 7 usage from 2017 to 2018.
However, that should not be that big of a surprise, the WannaCry ransomware incident pushed organizations to get rid of Win7, because 98% of WannaCry's victims were Win7 users. Also, IT pros know that the writing is on the wall for Win7 and that January 2020 will be here before you know it. Still, there may be an additional reason for the move to Win10.
Two Bad News Items:
- Phishing was still as effective as ever, 12% of phishing campaigns captured credentials.
- A large number of users are still using outdated operating systems, and not just Windows:
- 90% of all Android devices were running an out-of-date OS version,
- 85% of ChromeOS devices were running an out-of-date OS version,
- 74% of macOS users were running an out-of-date OS version, and
- 56% of iOS users doing the same.
Glass Half Full Or Empty?
While a 2018 market share of 48% for Win10 among all Windows enterprise users seems a reason to celebrate in Redmond, for the InfoSec community this gives pause.
It means that in the real world, more than half of Windows enterprise users are still running an outdated version of Windows. That's a headache as these workstations are much more vulnerable to to hacks, exploits, and malware: infections caused by bad guys social engineering your end-user. An even worse picture was discovered related to browsers which were not up-to-date.
Is Antivirus The Third Reason For the Move to Win10?
A new report by SentinelOne on malware says that despite all the endpoint security tools they are running, the majority of companies globally have been victims of ransomware in the last 12 months. A whopping 52% of IT pros have lost faith in antivirus and 44% agree AV is dead.
The report says that ransomware attacks are the new normal for IT. There are a lot of numbers to chew on in the report, but the sheer enormity of the ransomware problem may be the most surprising result.
SentinelOne's Global Ransomware Report 2018 found that ransomware is now something that more than half (56%) of companies have faced in the past two months. That's up from 48% who said the same thing in the firm's 2017 report.
Why Pay For Unreliable AV When Windows Defender Is Free?
These days, a surprising number of security experts agree that paying for a traditional anti-malware suite is a drain on your budget. Windows 10's built-in protection, plus good security habits, are good enough. Training your users to have good habits is where security awareness training enters the picture.
The AV-Test Institute’s independent testing gave Windows Defender the best possible rating in protection in December 2017, and a nearly perfect rating in performance. Their Feb 2018 "Best antivirus software for Windows Client Business User" shows Defender 4.12 a solid middle-of-the-pack performer with very good scores, competing with other products that you shell out big bucks for.
An article over at ZDNet covers the reasons why Microsoft claims that Defender is a viable alternative instead of traditional AV. I recommend you read this article, because it's valuable ammo in the decision-making process to possibly move to Defender and use that budget for awareness training instead.
I strongly suggest you start with getting a quote for new-school security awareness training for your organization and find out how affordable this is. You simply have got to start training and phishing your users ASAP. If you don't, the bad guys will, because your filters and antivirus never catch all of it. Get a quote now and you will be pleasantly surprised.
Don't like to click on redirected buttons? Cut & Paste this link in your browser:
https://info.knowbe4.com/kmsat_get_a_quote_now
Let's stay safe out there.
Warm regards,
Stu Sjouwerman,
Founder and CEO, KnowBe4, Inc