While being hit by malware, such as worms and Trojans, were a concern for respondents to a recent Solera Networks study, 93 percent of them said they were “moderately or extremely concerned” about network downtime, followed with 92 percent concerned about the time required to recover from security incidents. Malware was the third item respondents were worried about.
In fact, network downtime concerns trumped all worries. Even though almost a third of the respondents said attackers were more likely to steal intellectual property, only 69 percent were worried about actual theft.
Almost all the respondents, or 96 percent, considered employee web activity, such as browsing to a malicious Website, a threat, according to the study. A significant number, 71 percent, said instant messaging (IM) poses security threats. Very few respondents, or 12 percent, felt the organisation could effectively monitor or capture IM activity.
Most survey respondents had, or expected to have, a “significant” security incident. A little over a third of the respondents reported a significant security incident within the last three years, and more than 80 percent thought it likely they would experience one in the next three years, according to the study.
“Opportunistic theft and vandalism on networks is being replaced with targeted, multi-component, persistent attacks focused on specific systems and assets,” said Peter Schlampp, vice president of marketing and product management at Solera.
There was a very wide gap between what staff and managers were worried about and what the company was doing. Despite being worried about an attack, half of the organisations knew they were either not prepared or only somewhat prepared to handle these incidents.
Most organisations are “ill-prepared” to prevent and respond to security incidents, said Schlampp.
About 35 percent of the companies surveyed reported having “weak or no incident response plans” to address business continuity and recover from network downtime.
Nearly everyone, or 96 percent, said real-time traffic data and network forensics would help analyse and review what is happening on the network, but only 19 percent said their organisation has the capability to collect the data, according to the survey. Survey researchers found that even those who claim to collect the data are getting very limited information.
The “good news” is that many enterprises recognise that the ability to perform real-time network forensics is critical and are beginning to budget and plan for it, wrote the researchers.
Solera’s Network Forensics Survey is an annual survey, in its second year, examining how IT and network security personnel view and respond to network security breaches. More than 1,000 IT professionals from large enterprises in the United States, with at least 1,000 network nodes, were selected for the survey. Upper and middle management made up a little over two-thirds of the respondents. The remainder consisted of regular staff and workgroup managers. About 27 percent of the respondents were security professionals, and half were part of the IT department.
Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…
Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…
Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…
Welcome to Silicon In Focus Podcast: Tech in 2025! Join Steven Webb, UK Chief Technology…
European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…
San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…