Cyber-terrorism should be taken more seriously as 63 percent of respondents feel terrorists are capable of launching a catastrophic cyber-attack on the U.S. within one year, according to a Thycotic survey of more than 200 security industry representatives.
The study revealed the key concerns of information security executives, which included the growing threats of global cyber-terrorism, the current state of security within the U.S. and the ability of organizations to prevent such attacks.
Overall, 89 percent of survey respondents said they believe that both military and businesses need to focus more on developing capabilities to defend against terrorist inspired cyber-terrorism.
"Cyber-security is very complicated and often difficult to effectively implement in a large governmental bureaucracy. Governmental institutions need to take a more proactive approach to cyber-security, not simply a defensive one," Thycotic CEO Jim Legg told eWEEK. "There needs to be better gathering and sharing of cyber-threat intelligence, use of big data analytics, and operational processes in place to take immediate action. More agile risk management processes are required."
Legg said each governmental agency must work together to develop the expertise, processes and technology to provide intelligence on threats as well as the ability to track, measure and manage incidents.
Additionally, 92 percent of respondents believe that a majority of U.S. companies either need more security or are way behind the security curve to defend against cyber-terrorism attacks.
"Although cyber-security is a legitimate issue, political candidates simply must not believe that it’s an issue that will help them win an election," Legg explained. "The candidates all agree that cyber security is an important issue that needs to be addressed more diligently, but the campaigns apparently don't seem to think the topic is interesting enough at this time to Americans to secure what they are looking for most, votes. Unfortunately, it might take a real problem to get people to act and for the campaigns to make cyber-security a priority."
Half of respondents said they believe U.S. private companies are more vulnerable than government agencies, and 42 percent said they believe the government is more vulnerable than private companies in the U.S.
"The government and private sector are simply responding too slowly to real cyber-threats that already exist. The possibility of a widespread cyber-attack on national critical infrastructure is, and will continue to be, a major concern for many governments and will be a topic of great conversation moving forward," Legg said. "The scope and the consequences of such attacks may be different for different nations."
He noted a large portion of critical infrastructure facilities still rely on software and technology created decades ago and which has not been sufficiently upgraded.
"The level of sophistication of cyber criminals generally progresses much faster," Legg said. "Therefore, it is important to implement adequate measures to ensure a proper protection of critical assets and capabilities."