Many enterprises possess an unrealistic confidence surrounding the security of their networks, with more than 65 percent of IT/security professionals contacted for a survey by network visibility and security intelligence specialist Landcope not thinking or being unsure that they had experienced any security incidents within the last 12 to18 months.
Areas of blind spots within the typical enterprise are many, including applications, network traffic, network devices, user activity, virtualized appliances and data centers, to name a few. According to Lancope’s director of security research, Tom Cross, organizations are underprepared for the eventuality of an incident.
“Any system you connect to the Internet is going to be targeted by attackers very quickly thereafter,” he said in a statement. “I would assert that if you’re unsure whether or not your organization has had a security incident, the chances are very high that the answer is yes.”
On the bright side, the report’s authors said they were encouraged to also see “lack of visibility” top the list of greatest risks identified by survey participants, as well as “monitoring user activity” designated as a key challenge, suggesting large organizations are waking up to the fact that network security is an important issue.
Nearly 18 percent of respondents did admit to recently suffering from malware infections, and 16 percent said they had been the victim of distributed denial-of-service (DDoS) attacks. However, the results suggested other attacks may have gone unnoticed. Insider threats, for example, can be difficult to detect because attackers have authorized access to the data they are looking to steal. Advanced external attackers can also fly under the radar by constructing attacks that are likely to evade commonplace network security solutions.
“Organizations need to make sure that, when faced with the inevitable, they can identify an incident as quickly as possible,” Cross said. “With new attacks making headlines on a nearly weekly basis, it’s time for organizations to take a more strategic, holistic approach when it comes to network security.”
Organizations were more realistic when evaluating the potential risk of insider threats to their infrastructure, with 32 percent naming it as one of the greatest risks. However, this concern was far overshadowed by fears associated with bring-your-own-device (BYOD) policies and the use of mobile devices, which came in at more than 50 percent.
“Even the most basic malware infection has some financial cost to the organization, even if it’s just the cost to clean infected machines,” Cross said. “Not to mention the additional serious consequences that can result from a breach, including data loss, customer distrust, regulatory fines and many others.”