More than two-thirds (70%) of IT managers at small and medium sized enterprises say budget considerations have forced them to compromise on security features when purchasing endpoint security, according to a survey by VIPRE. Overall, price was the top factor in endpoint security purchases (chosen by 53% of respondents), followed by ease of use (47%), feature set (41%), support (34%), advanced detection technology (31%), cloud-based management (29%) and ransomware (2%).
"SME IT managers need to better recognize the security dangers facing their organizations," said Usman Choudhary, chief product officer at VIPRE. "Ransomware alone was responsible for $1 billion in cyber-extortion payments last year, according to the FBI, but only 21% of survey respondents considered ransomware as a factor when they purchased endpoint security. We understand that price and budgets are a factor but forgoing advanced protection features such as those available through VIPRE can put a company at risk."
As ransomware attacks and awareness of the threat increases, 53% of respondents would recommend negotiating a payment to the attackers. This represents a significant increase from a 2015 survey where only 30% of IT security pros said they would negotiate. The current study also noted that 82% of companies suffering a cyber attack in the last year would negotiate a ransomware attack.
With ransomware on the rise, perhaps it is no surprise that phishing attacks remain the most pervasive cyber security threat. About 45% of IT managers have had to remove malware from an executive's computer due to phishing, a figure that rises to 56% for larger companies (351-500 employees).
Meanwhile, survey respondents also cited visits to porn websites (26%), letting a family member use a company-owned device (22%), attaching an infected USB stick or phone (22%) and installing a malicious app (21%) as reasons they had to remove malware. Only 25% said they have never been asked to remove malware from an executive's computer.