The web landscape has become a dangerous place recently, as hackers and cybercriminals continue to threaten any business with an online presence. As these menaces plague the Internet, more companies fear their current security solutions will not prevent malicious outsiders from accessing sensitive files on corporate networks.
According to a new study by endpoint security provider Bit9, nearly two-thirds of all respondents believe their companies will be targets of outsiders during the next six months. Sixty-one percent of survey participants said hacktivists, Anonymous in particular, will be the likely candidates to orchestrate the attack. Cybercriminals were the second-most likely antagonist, with 55 percent of businesses saying these groups would breach security over the next several months.
Interestingly, only slightly more than one-quarter of respondents said insiders would be the cause for a data protection incident, the study noted, while nation states, like China and Russia, were cited as a major risk by 48 percent of companies.
Some experts believe this heightened fear of an international attack stems from the headline-grabbing incidents such as the Stuxnet worm and satellite hacks carried out by Chinese cybercriminals. Conversely, others think these concerns are unrationalized and derived from over analyzing mainstream risks instead of focusing on a more central issue: the insider threat.
However, a separate study by AlgoSec found that more than 27 percent of respondents highlighted the fact that insiders could still be a threat to enterprise security if the proper precautions aren’t addressed.
“Poor visibility into what is occurring in the network, insider threats and poor processes that result in out-of-process changes are responsible for much of the day-to-day risk,” said Nimmy Reichenberg of AlgoSec. “Regardless of latest attack vector or breach that makes headlines, it all goes back to strong security processes, visibility and control.”
The Bit9 survey suggests that businesses are changing their perspectives on data security, as 77 percent of respondents said companies and employees are in the best position to improve network protection. By implementing best practices and more robust defensive solutions, organizations believe they can do a better job of keeping sensitive information safe than government regulations and local law enforcement can.
Bit9 found that organizations are becoming more concerned with targeted attacks, as 62 percent of survey respondents said malware and spear phishing techniques that corrupt corporate files are the biggest threat. In regards to how safe companies feel, only 26 percent of IT professionals feel their organizations use effective endpoint security for smartphones, tablets and laptops.
“The survey results put a spotlight on an interesting contradiction: on the surface, people are most afraid of embarrassing, highly publicized attacks from hacktivist organizations like Anonymous but they recognize that the more serious threats come from criminal organizations and nation states,” Bit9 chief technology officer Harry Sverdlove said.
Data Security News from SimplySecurity.com by Trend Micro