The survey was carried out recently at Black Hat USA 2014 in Las Vegas among IT security professionals. It revealed that respondents are finding it more difficult to cope with cyber attacks today than a year ago. When Lieberman Software conducted a similar survey at Black Hat 2013, the majority of respondents revealed they were confident that their organization's security products and processes could keep up with new and emerging security threats. However, in the 2014 study, this figure dropped significantly to only 41 percent.
Commenting on the findings, Philip Lieberman, CEO of Lieberman Software, said: “The latest targeted cyber-attacks on government organizations and high-profile companies show the need for better awareness and responsiveness in cyber security. Organizations should no longer be solely dependent on perimeter security products, like firewalls and intrusion detection, to protect their systems. Today they need IT staff who are better trained to identify potential attacks, and interior security solutions that can restrict lateral movement in the network when attacks do manage to penetrate the perimeter.”
Other findings from the survey showed that 59 percent of respondents believe a state-sponsored attack will attempt to breach their organization in the next six months. More startling, among those fearful of state-sponsored attacks, 44 percent confess that they could not detect the presence of an attacker attempting to penetrate their network to access sensitive data.
“Despite these findings the reality is that most organizations – whether in finance, retail or other highly targeted industries - really have minimal protection against sophisticated nation-state attacks,” Lieberman said. “The lesson to be learned is that organizations need to up their cyber security game and move from off-the-shelf security tools to much more advanced military-grade security. Too many organizations are simply focused on obtaining passing grades from security auditors, but fail to place enough emphasis on the real and constant advanced persistent threats from the outside.”
