Close
  • Latest News
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Logo
  • Latest News
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cybersecurity
    • Cybersecurity
    • Small Business

    IT Pros Worried About Security Breach Reporting

    By
    Nathan Eddy
    -
    July 1, 2015
    Share
    Facebook
    Twitter
    Linkedin
      it security and lieberman

      The vast majority (87 percent) of IT professionals believe large financial hacks are happening more often than reported, and right under the nose of security auditors, according to a survey of nearly 150 IT professionals conducted by Lieberman Software.

      Meanwhile, 71 percent of respondents think that an advanced persistent threat (APT) attack will attempt to breach their organization in the next six months.

      “There is a clear lack of visibility of the CEO and board of directors to the weaknesses and the inability of IT to manage risk and mitigate consequences to known outcomes,” Philip Lieberman, president of Lieberman Software, told eWEEK. “From a leadership point of view, many … companies and government agencies [are being run] with a ticking time bomb and no ability to stop it or reduce the consequences of a breach. Not all of the blame lies with IT, but senior leadership of companies [is] not building in resiliency into their business operations when it comes to IT.”

      The study also found that IT professionals (89 percent) believe the recently announced U.S. federal government cyber-security sanctions provide a deterrent to cyber-criminals.

      “IT can build and operate workstations, servers and the cloud in a manner that service can be restored quickly. The common attack as well as the land and expand methods of intruders depend on moving within the network via stolen credentials,” Lieberman said. “To minimize this consequence, companies must change the way they use privileged identities from the IT perspective—no use of domain admin accounts—and the removal of users having local administrator rights on their own machines.”

      He said these changes and the hygienic operation of identity management are keys to minimization of consequences.

      “Further automation of attackers and the increased use of zero days and unpatched vulnerabilities are increasing. The lack of investment within internal IT security as well as continued use of lowest cost outsourced IT will raise the frequency of these attacks and their consequences,” Lieberman said. “There is an evolution of a new class of managed security services vendors that should find great success in cleaning up and running previously uncontrolled and infected environments, but unfortunately, most will be after the damage has been done to the organizations.”

      He said his company believes that only through the automation of privileged identities of all types and the enforcement of only just enough privilege (JEA) and just in time privilege (JIT) will the firestorm of attacks be quelled for most companies.

      “These techniques and technologies are readily available from many vendors and can be implemented at no cost, but they do require fundamental changes in the processes used by companies and government agencies,” he explained.

      Almost 30 percent of those polled are not confident that their IT security staff can detect a cyber-attack attempting to breach their network, and nearly half (49 percent) of respondents believe that external cyber-attacks pose the bigger risk to their network, versus 35 percent who think that insiders are the larger risk.

      Nathan Eddy
      A graduate of Northwestern University's Medill School of Journalism, Nathan was perviously the editor of gaming industry newsletter FierceGameBiz and has written for various consumer and tech publications including Popular Mechanics, Popular Science, CRN, and The Times of London. Currently based in Berlin, he released his first documentary film, The Absent Column, in 2013.

      MOST POPULAR ARTICLES

      Cybersecurity

      Visa’s Michael Jabbara on Cybersecurity and Digital...

      James Maguire - May 17, 2022 0
      I spoke with Michael Jabbara, VP and Global Head of Fraud Services at Visa, about the cybersecurity technology used to ensure the safe transfer...
      Read more
      Cloud

      Yotascale CEO Asim Razzaq on Controlling Multicloud...

      James Maguire - May 5, 2022 0
      Asim Razzaq, CEO of Yotascale, provides guidance on understanding—and containing—the complex cost structure of multicloud computing. Among the topics we covered:  As you survey the...
      Read more
      Big Data and Analytics

      GoodData CEO Roman Stanek on Business Intelligence...

      James Maguire - May 4, 2022 0
      I spoke with Roman Stanek, CEO of GoodData, about business intelligence, data as a service, and the frustration that many executives have with data...
      Read more
      Applications

      Cisco’s Thimaya Subaiya on Customer Experience in...

      James Maguire - May 10, 2022 0
      I spoke with Thimaya Subaiya, SVP and GM of Global Customer Experience at Cisco, about the factors that create good customer experience – and...
      Read more
      IT Management

      Intuit’s Nhung Ho on AI for the...

      James Maguire - May 13, 2022 0
      I spoke with Nhung Ho, Vice President of AI at Intuit, about adoption of AI in the small and medium-sized business market, and how...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2021 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×