IT Security Unprepared for Targeted Attacks
Businesses are struggling to prevent targeted security attacks with IT departments that take a protective stance.Businesses are ill-prepared to detect and stop advanced, targeted security attacks, according to a survey of information security executives at enterprise organizations with revenue greater than $100 million. The study, sponsored by cyber-attack intelligence and response solutions provider CounterTack and conducted by ResearchNow, showed that nearly half the respondents indicated their organizations were attacked within the past year, and one-third of those attacked said they lack confidence in their organizations' readiness and ability to defend against other attacks. Thirty-six percent of respondents indicated that if an attacker got inside their perimeter defenses and into their networks, they would not be able to see or stop the attack, and respondents gave themselves low marks when asked to grade themselves at discovering in-progress attacks quickly enough to mitigate damage and prevent catastrophic loss. In addition, nearly one-third of security teams said they spend more than 50 hours per month studying existing malware permutations to prevent future attacks.
"This survey corroborates the anecdotal evidence many of us in the industry are exposed to, which paints a chillingly accurate picture of a growing chasm between executive awareness about the nature of rapidly evolving threats and the available resources to address them," Richard Stiennon, chief research analyst at IT-Harvest, said in prepared remarks. "While the willingness of information security executives to explore new ways of dealing with targeted advanced threats in the coming months is an encouraging finding, it's also evident that economic constraints and outmoded thinking will remain stumbling blocks."