Network Security Remains a Blind Spot for Businesses
Areas of blind spots within the typical enterprise are many, including applications, network traffic, network devices and user activity.Many enterprises possess an unrealistic confidence surrounding the security of their networks, with more than 65 percent of IT/security professionals contacted for a survey by network visibility and security intelligence specialist Landcope not thinking or being unsure that they had experienced any security incidents within the last 12 to18 months. Areas of blind spots within the typical enterprise are many, including applications, network traffic, network devices, user activity, virtualized appliances and data centers, to name a few. According to Lancope's director of security research, Tom Cross, organizations are underprepared for the eventuality of an incident. "Any system you connect to the Internet is going to be targeted by attackers very quickly thereafter," he said in a statement. "I would assert that if you're unsure whether or not your organization has had a security incident, the chances are very high that the answer is yes." On the bright side, the report's authors said they were encouraged to also see "lack of visibility" top the list of greatest risks identified by survey participants, as well as "monitoring user activity" designated as a key challenge, suggesting large organizations are waking up to the fact that network security is an important issue.
Nearly 18 percent of respondents did admit to recently suffering from malware infections, and 16 percent said they had been the victim of distributed denial-of-service (DDoS) attacks. However, the results suggested other attacks may have gone unnoticed. Insider threats, for example, can be difficult to detect because attackers have authorized access to the data they are looking to steal. Advanced external attackers can also fly under the radar by constructing attacks that are likely to evade commonplace network security solutions.