Security Ops Confidence Levels Drop

  /     /     /  
Publicated : 22/11/2024   Category : security


Security Ops Confidence Levels Drop


Survey shows most organizations unable to keep up with new and emerging threats from state-sponsored attackers.



As foreign state-sponsored attackers turn up the heat on corporate targets, security operations staffers are losing confidence in their ability to stave off these threats. New survey results released this week showed that confidence levels among IT security professionals has slipped this year, with fewer than half of them feeling sure they can keep up with new and emerging threats.
Conducted among Black Hat attendees by Lieberman Software,
the survey
asked infosec professionals about their organizations readiness to respond to state-sponsored and other advanced attacks. The study found that 59% of respondents believe their organizations are likely to be the target of a state-sponsored attack sometime in the next six months.
This kind of awareness likely comes from the increasing prevalence of successful state-sponsored attack incidents hitting the headlines. And these attacks are no longer just limited to military contractors. Just last month it was found that state-sponsored attackers from China
broke into Community Health Systems
(CHS) and stole data about 4.5 million patients.
[How much do enterprises really care about IAM? Read
Identity and Access Management Market Heats Up
.]
According to this weeks survey results, 48% do not think their staff or tools would be able to detect such attacks. Meanwhile only 41% of respondents think that their tools and processes are able to keep up with new and emerging threats. That represents a drop in confidence compared to the same survey conducted last year, when 57% of IT security pros said they believed they could keep up.
According to Phil Lieberman, CEO of the firm, the results could suggest a mind shift as infosec pros view many existing IT security infrastructure investments as a gigantic waste of money.
IT professionals are backing away from legacy and analyst-recommended solutions and strategies, since they are toxic to their company and their personal careers, he says, pointing to fallout from breaches at Target and Home Depot as examples. Only strong senior leadership will fix the current security debacle of weak internal security as there are no get out of jail free cards from the auditor or analyst community.
This strong leadership should be directed at better security design and improved processes. But that may not be easy, as in many cases for controls that improve things like least privilege access, greater accountability for all users, and increased segmentation of data and networks. All of that may require the breakdown of existing political power bases within enterprises, he says.
In effect, this is an act of creative destruction that reorganizes the operations of companies along military lines of information compartmentalization and builds in the necessary systems to be resilient against attacks, Lieberman says.

Last News

▸ Scan suggests Heartbleed patches may not have been successful. ◂
Discovered: 23/12/2024
Category: security

▸ IoT Devices on Average Have 25 Vulnerabilities ◂
Discovered: 23/12/2024
Category: security

▸ DHS-funded SWAMP scans code for bugs. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Security Ops Confidence Levels Drop