Latest news with #AbsoluteSecurity
National Post
2 days ago
- Business
- National Post
New Absolute Security Research Shows Top Endpoint Security Controls Fail 22% of the Time
Article content Critical Patching for PCs Running Windows 10 and 11 is Delayed Nearly Two Months 35% of PCs Lack Encryption, 26% are Unaccounted for, and 18% Store Sensitive Data AI Use is Exploding, with Enterprise PCs Logging Thousands of Visits to DeepSeek Article content SEATTLE — New research from Absolute Security shows that organizations allow their critical endpoint security controls to drop out of compliance with internal security and performance policies 22% of the time. This dangerous failure rate undermines their ability to defend their businesses against ransomware strikes, compromises, and complexity-driven disruptions. Based on anonymized telemetry from more than 15 million enterprise PCs, the Absolute Security Resilience Risk Index 2025 details how this finding and other silent risks are eroding enterprise security and threatening business continuity. Article content Security Tools Aren't Holding the Line Article content Leading Endpoint Protection Platforms (EPP), Security Service Edge (SSE) solutions, and Vulnerability and Patch Management platforms fail to maintain compliance with internal security and performance policies 22% of the time. This increases the risk of ransomware infections, data breaches, and disruptive incidents across PCs where these tools are deployed. Article content High Performing Solutions are Increasing Concentrated Risk Article content This year, the data revealed a new issue the industry must face — Concentrated Risk. It emerges when organizations fail to recognize that even solutions with high compliance and performance rates can present significant risk when they are deployed across a substantial percentage of PCs. High performers may fail less often — but when these widely-used technologies mafunction, the impact can be catastrophic. This is why every control, regardless of performance rate, must be supported by resilience capabilities that can help organizations to withstand and recover from failure on a large scale. Article content Patching Delays Ignore Industry Best Practices Article content Organizations across all industries take nearly two months to patch vulnerabilities in PCs running Windows. Most organizations determine their own vulnerability scanning and patching schedules. However, this average defies guidance from leading authorities such as the Cybersecurity and Infrastructure Security Agency (CISA), which recommends that patches should not be delayed more than 30 days to avoid vulnerability-driven risks. Article content AI Use is Exploding, Frequently in Defiance of Usage Policies Article content Available data showed that enterprise PCs are logging millions of visits to popular generative AI platforms. Thousands of these visits are landing on DeepSeek, despite organizational and multi-government sanctions against this China-based site. The inability to control usage along with explosive growth is leaving organizations open to not only compliance violations but also the potential to download malicious content and to expose sensitive information to hostile adversaries. Article content Devices Are Missing Encryption, Unaccounted for, and Filled with Sensitive Data Article content 35% of enterprise PCs are not encrypted, 26% are unaccounted for, and 18% store sensitive data. This dangerous combination creates blind spots that leave data and PCs without protection against cybercriminals. These lapses can also give unauthorized users access to corporate networks for prolonged periods, opening an opportunity for threats to expand laterally across systems and assets. Article content 'This research shows that organizations are failing to maintain effective operational performance for leading endpoint security controls, unaware of risky behaviors taking place, and may not be able to keep as up to date on patching as they should. These are all factors that will eventually lead to a major security breach or extended and costly period of downtime,' said Christy Wyatt, CEO, Absolute Security. 'To remain truly protected in today's digital business environment, leaders need to think beyond legacy prevention and detection practices. They must enforce resilience as a core capability to ensure the visibility, control, and agility needed to keep their organizations secure, responsive, and always operational.' Article content For greater details on the resilience risks identified and to learn how to mitigate them with technologies that enforce resilience across your organization, download your complimentary copy of the Absolute Security Resilience Risk Index 2025. About Absolute Security Absolute Security is partnered with more than 28 of the world's leading endpoint device manufacturers, embedded in the firmware of 600 million devices, trusted by thousands of global enterprise customers, and licensed across 16 million PC users. With the Absolute Security Cyber Resilience Platform integrated into their digital enterprise, customers ensure their mobile and hybrid workforces connect securely and seamlessly from anywhere in the world and that business operations recover quickly following cyber disruptions and attacks. To learn more, visit and follow us on LinkedIn, X, Facebook, and YouTube. Article content ABSOLUTE SECURITY, ABSOLUTE, the ABSOLUTE LOGO, AND NETMOTION are registered trademarks of Absolute Software Corporation ©2025, or its subsidiaries. All Rights Reserved. Other names or logos mentioned herein may be the trademarks of Absolute or their respective owners. The absence of the symbols ™ and ® in proximity to each trademark, or at all, herein is not a disclaimer of ownership of the related trademark. Article content Article content Article content
Yahoo
2 days ago
- Business
- Yahoo
New Absolute Security Research Shows Top Endpoint Security Controls Fail 22% of the Time
Critical Patching for PCs Running Windows 10 and 11 is Delayed Nearly Two Months 35% of PCs Lack Encryption, 26% are Unaccounted for, and 18% Store Sensitive Data AI Use is Exploding, with Enterprise PCs Logging Thousands of Visits to DeepSeek SEATTLE, June 04, 2025--(BUSINESS WIRE)--New research from Absolute Security shows that organizations allow their critical endpoint security controls to drop out of compliance with internal security and performance policies 22% of the time. This dangerous failure rate undermines their ability to defend their businesses against ransomware strikes, compromises, and complexity-driven disruptions. Based on anonymized telemetry from more than 15 million enterprise PCs, the Absolute Security Resilience Risk Index 2025 details how this finding and other silent risks are eroding enterprise security and threatening business continuity. Security Tools Aren't Holding the Line Leading Endpoint Protection Platforms (EPP), Security Service Edge (SSE) solutions, and Vulnerability and Patch Management platforms fail to maintain compliance with internal security and performance policies 22% of the time. This increases the risk of ransomware infections, data breaches, and disruptive incidents across PCs where these tools are deployed. High Performing Solutions are Increasing Concentrated Risk This year, the data revealed a new issue the industry must face — Concentrated Risk. It emerges when organizations fail to recognize that even solutions with high compliance and performance rates can present significant risk when they are deployed across a substantial percentage of PCs. High performers may fail less often — but when these widely-used technologies mafunction, the impact can be catastrophic. This is why every control, regardless of performance rate, must be supported by resilience capabilities that can help organizations to withstand and recover from failure on a large scale. Patching Delays Ignore Industry Best Practices Organizations across all industries take nearly two months to patch vulnerabilities in PCs running Windows. Most organizations determine their own vulnerability scanning and patching schedules. However, this average defies guidance from leading authorities such as the Cybersecurity and Infrastructure Security Agency (CISA), which recommends that patches should not be delayed more than 30 days to avoid vulnerability-driven risks. AI Use is Exploding, Frequently in Defiance of Usage Policies Available data showed that enterprise PCs are logging millions of visits to popular generative AI platforms. Thousands of these visits are landing on DeepSeek, despite organizational and multi-government sanctions against this China-based site. The inability to control usage along with explosive growth is leaving organizations open to not only compliance violations but also the potential to download malicious content and to expose sensitive information to hostile adversaries. Devices Are Missing Encryption, Unaccounted for, and Filled with Sensitive Data 35% of enterprise PCs are not encrypted, 26% are unaccounted for, and 18% store sensitive data. This dangerous combination creates blind spots that leave data and PCs without protection against cybercriminals. These lapses can also give unauthorized users access to corporate networks for prolonged periods, opening an opportunity for threats to expand laterally across systems and assets. "This research shows that organizations are failing to maintain effective operational performance for leading endpoint security controls, unaware of risky behaviors taking place, and may not be able to keep as up to date on patching as they should. These are all factors that will eventually lead to a major security breach or extended and costly period of downtime," said Christy Wyatt, CEO, Absolute Security. "To remain truly protected in today's digital business environment, leaders need to think beyond legacy prevention and detection practices. They must enforce resilience as a core capability to ensure the visibility, control, and agility needed to keep their organizations secure, responsive, and always operational." For greater details on the resilience risks identified and to learn how to mitigate them with technologies that enforce resilience across your organization, download your complimentary copy of the Absolute Security Resilience Risk Index 2025. About Absolute Security Absolute Security is partnered with more than 28 of the world's leading endpoint device manufacturers, embedded in the firmware of 600 million devices, trusted by thousands of global enterprise customers, and licensed across 16 million PC users. With the Absolute Security Cyber Resilience Platform integrated into their digital enterprise, customers ensure their mobile and hybrid workforces connect securely and seamlessly from anywhere in the world and that business operations recover quickly following cyber disruptions and attacks. To learn more, visit and follow us on LinkedIn, X, Facebook, and YouTube. ABSOLUTE SECURITY, ABSOLUTE, the ABSOLUTE LOGO, AND NETMOTION are registered trademarks of Absolute Software Corporation ©2025, or its subsidiaries. All Rights Reserved. Other names or logos mentioned herein may be the trademarks of Absolute or their respective owners. The absence of the symbols ™ and ® in proximity to each trademark, or at all, herein is not a disclaimer of ownership of the related trademark. View source version on Contacts News Contact:Joe Franscellapress@ Error in retrieving data Sign in to access your portfolio Error in retrieving data Error in retrieving data Error in retrieving data Error in retrieving data
Business Wire
2 days ago
- Business
- Business Wire
New Absolute Security Research Shows Top Endpoint Security Controls Fail 22% of the Time
SEATTLE--(BUSINESS WIRE)--New research from Absolute Security shows that organizations allow their critical endpoint security controls to drop out of compliance with internal security and performance policies 22% of the time. This dangerous failure rate undermines their ability to defend their businesses against ransomware strikes, compromises, and complexity-driven disruptions. Based on anonymized telemetry from more than 15 million enterprise PCs, the Absolute Security Resilience Risk Index 2025 details how this finding and other silent risks are eroding enterprise security and threatening business continuity. Security Tools Aren't Holding the Line Leading Endpoint Protection Platforms (EPP), Security Service Edge (SSE) solutions, and Vulnerability and Patch Management platforms fail to maintain compliance with internal security and performance policies 22% of the time. This increases the risk of ransomware infections, data breaches, and disruptive incidents across PCs where these tools are deployed. High Performing Solutions are Increasing Concentrated Risk This year, the data revealed a new issue the industry must face — Concentrated Risk. It emerges when organizations fail to recognize that even solutions with high compliance and performance rates can present significant risk when they are deployed across a substantial percentage of PCs. High performers may fail less often — but when these widely-used technologies mafunction, the impact can be catastrophic. This is why every control, regardless of performance rate, must be supported by resilience capabilities that can help organizations to withstand and recover from failure on a large scale. Patching Delays Ignore Industry Best Practices Organizations across all industries take nearly two months to patch vulnerabilities in PCs running Windows. Most organizations determine their own vulnerability scanning and patching schedules. However, this average defies guidance from leading authorities such as the Cybersecurity and Infrastructure Security Agency (CISA), which recommends that patches should not be delayed more than 30 days to avoid vulnerability-driven risks. AI Use is Exploding, Frequently in Defiance of Usage Policies Available data showed that enterprise PCs are logging millions of visits to popular generative AI platforms. Thousands of these visits are landing on DeepSeek, despite organizational and multi-government sanctions against this China-based site. The inability to control usage along with explosive growth is leaving organizations open to not only compliance violations but also the potential to download malicious content and to expose sensitive information to hostile adversaries. Devices Are Missing Encryption, Unaccounted for, and Filled with Sensitive Data 35% of enterprise PCs are not encrypted, 26% are unaccounted for, and 18% store sensitive data. This dangerous combination creates blind spots that leave data and PCs without protection against cybercriminals. These lapses can also give unauthorized users access to corporate networks for prolonged periods, opening an opportunity for threats to expand laterally across systems and assets. 'This research shows that organizations are failing to maintain effective operational performance for leading endpoint security controls, unaware of risky behaviors taking place, and may not be able to keep as up to date on patching as they should. These are all factors that will eventually lead to a major security breach or extended and costly period of downtime,' said Christy Wyatt, CEO, Absolute Security. 'To remain truly protected in today's digital business environment, leaders need to think beyond legacy prevention and detection practices. They must enforce resilience as a core capability to ensure the visibility, control, and agility needed to keep their organizations secure, responsive, and always operational.' For greater details on the resilience risks identified and to learn how to mitigate them with technologies that enforce resilience across your organization, download your complimentary copy of the Absolute Security Resilience Risk Index 2025. About Absolute Security Absolute Security is partnered with more than 28 of the world's leading endpoint device manufacturers, embedded in the firmware of 600 million devices, trusted by thousands of global enterprise customers, and licensed across 16 million PC users. With the Absolute Security Cyber Resilience Platform integrated into their digital enterprise, customers ensure their mobile and hybrid workforces connect securely and seamlessly from anywhere in the world and that business operations recover quickly following cyber disruptions and attacks. To learn more, visit and follow us on LinkedIn, X, Facebook, and YouTube. ABSOLUTE SECURITY, ABSOLUTE, the ABSOLUTE LOGO, AND NETMOTION are registered trademarks of Absolute Software Corporation ©2025, or its subsidiaries. All Rights Reserved. Other names or logos mentioned herein may be the trademarks of Absolute or their respective owners. The absence of the symbols ™ and ® in proximity to each trademark, or at all, herein is not a disclaimer of ownership of the related trademark.
Daily Mail
5 days ago
- Business
- Daily Mail
EXCLUSIVE WFH staff are leaving British businesses exposed to a lethal cyber attack that will 'cripple' their firms and wipe them out
British businesses fear hackers could completely wipe them out following the devastating cyberattack on Marks & Spencer, a survey has found. Two thirds of security leaders at medium and large sized companies in the UK admit an assault on a similar scale could 'cripple' their organisation. Experts have warned the financial damage from ransom demands and clean up costs can often cost millions of pounds - enough to jeopardise some firms' futures. The poll by Absolute Security was carried out just weeks after M&S was hit over the Easter holidays, costing the retailer £300m and shaving £1bn off its market value. M&S boss Stuart Machin recently admitted the attack - caused by 'human error' - had been 'the most challenging situation we've encountered'. Security leaders further revealed staff still working from home remained a major problem, with 62% revealing remote devices were the 'biggest weakness' in their digital defences. Over half - 51 per cent - of the businesses polled had been hit by a ransomware attack in the past year, with 59 per cent citing it as their biggest concern. The consequences of such an attack are profound, with 63 per cent of the 250 security leaders polled in May revealing the financial loss from ransomware could cripple their organisation. The average cost of a ransomware attack on businesses is £850,000 in the UK - but this can rise exponentially for larger firms. The LockBit group demanded £65m demanded after hacking the Royal Mail in 20243. The recovery costs from a cyberattack last year on Synnovis, a pathology services provider for the NHS that led to the cancellation and delay of thousands of medical procedures, were estimated at £32m - over seven times the company's annual profits. Several UK firms have already gone bust following cyberattacks. In 2020, Peterborough-based Travelex went into administration after being hit by a cyber attack by the notorious criminal gang REvil - who demanded a £4.6m ransom - on New Year's Eve. The attack caused a month of disruption, with staff unable to use computers to keep track of trading, and impacting high-profile clients including Barclays and Asda. The company said it 'had a large part to play' in the company filing for insolvency later that year, with 1,300 employees losing their jobs. KNP Logistics - one of the UK's largest privately owned logistics groups - suffered a similar fate after a huge ransomware attack in June 2023. Three months later, it blamed the cyberattack when it was claimed bankruptcy, making 730 staff redundant. Over the past month, major UK retailers - including M&S, Co-op, and Harrods - were hit by a wave of coordinated cyberattacks attributed to a hacker group known as Scattered Spider. The attacks primarily used so-called 'social engineering' tactics, in which criminals manipulate employees into sharing sensitive information to get them into internal IT systems. As a result,one of the biggest challenges remains the threat posed by staff working from home, with critics claiming employees refusing to come into the office often fail to install up-to-date security on their laptops for weeks or even months. The survey revealed 60 per cent of security leaders believe remote working has 'complicated' their ability to defend against cyberattacks. Jake Moore, global security advisor at cybersecurity software company ESET, said: 'It's not surprising that the majority of medium and large businesses would see their future thrown into doubt after a cyberattack. 'Ransom demands are often in the millions, but even when the ransom isn't paid, the costs associated with recovery and lost revenue can be staggering. 'In some cases, such as with M&S, the clean up operation can even cost far more than the original ransom payment forcing an unbelievably difficult decision at the time of attack.' Andy Ward, SVP at Absolute Security, said: 'Recent high-profile cyber attacks have highlighted just how vulnerable major British retailers—and indeed many UK businesses—have become. Cybercriminals now have the capacity to severely disrupt, or even dismantle, organisations at scale. 'Our research reveals that many large and medium-sized UK businesses believe that a serious cyber incident could cripple their operations or threaten their very survival.'
National Post
19-05-2025
- Business
- National Post
Absolute Security Introduces Extreme Resilience
Article content Accelerate Enterprise-Scale Recovery Following Cyberattacks and IT Incidents Without Having to Wait for Software Vendors to Prioritize and Remediate Issues Article content Article content SEATTLE & LAS VEGAS — (Dell Technologies World 2025) – Absolute Security, a leader in enterprise resilience, today announced new Extreme Resilience capabilities available in Rehydrate, an Absolute Resilience Platform module. Rehydrate enables remote restoration of Windows endpoints at enterprise scale with a single click. It delivers full recovery even when the device OS and other security or management tools have crashed, been compromised, or become corrupted. Article content With these new Extreme Resilience capabilities, Rehydrate is now the only business continuity restoration solution that offers playbook-driven response capabilities that empower Security and IT operations teams to: Article content Respond to almost any failure condition with corrective actions, in any environment, without waiting for vendors to prioritize incidents, issue patches, or remediate issues. Define and execute incident-specific playbooks tailored to nearly any failure conditions, including targeted ransomware attacks. Trigger playbooks via API to integrate with SIEM, SOAR, and other SOC and IT operations tools to support automated investigation, response, and recovery workflows. Article content The Absolute Security Resilience Risk Index 2025 revealed that organizations struggle to keep top security and risk controls in compliance with internal security and risk policies as much as 22 percent of the time. These findings and others in the report show that organizations need to be ready to respond immediately and independently — without relying on vendors' external timelines or tools that may fail or present delays when they're needed most. Article content 'When the inevitable attack strikes or disruption hits, time becomes a liability. You can't afford to rely on a single-purpose solution or wait while another organization decides how severe your issue is or when to respond,' said John Herrema, Chief Product Officer, Absolute Security. 'You need a new level of Extreme Resilience that puts you in control, empowering you to assess, prioritize, and remediate disruptions without delay.' Article content To learn more about new Rehydrate capabilities or to receive a demo, book a meeting with Absolute Security at Dell Technologies World 2025. Article content Absolute Security is partnered with more than 28 of the world's leading endpoint device manufacturers, embedded in the firmware of 600 million devices, trusted by thousands of global enterprise customers, and licensed across 16 million PC users. With the Absolute Security Resilience Platform integrated into their digital enterprise, customers ensure their mobile and hybrid workforces connect securely and seamlessly from anywhere in the world and that business operations recover quickly following cyber disruptions and attacks. To learn more, visit and follow us on LinkedIn, X, Facebook, and YouTube. Article content ABSOLUTE SECURITY, ABSOLUTE, the ABSOLUTE LOGO, AND NETMOTION are registered trademarks of Absolute Software Corporation ©2025, or its subsidiaries. All Rights Reserved. Other names or logos mentioned herein may be the trademarks of Absolute or their respective owners. The absence of the symbols ™ and ® in proximity to each trademark, or at all, herein is not a disclaimer of ownership of the related trademark. Article content Article content Article content Article content Article content Article content
