If you thought that cyber security threats were troubling in 2013, then you should brace yourself for the onslaught that's very likely in 2014. A new generation of security threats stemming from progressive business technology trends -- such as BYOD, mobility and cloud services adoption -- will expose organizations to a multitude of new risks.
According to the findings of a global security survey sponsored by Dell, the majority of IT leaders around the world say they don’t view these threats as top security concerns and they're not prioritizing how to find and address them across the many points of origin.
Apparently, what you don't know can be very harmful. When respondents were asked to look at long term priorities, only 37 percent ranked "unknown threats" as a top security concern in the next five years.
Epidemic threats come from all perimeters, and are often hidden in poorly configured IT account settings or permissions, and ineffective data governance, access management and mainstream employee usage policies.
“Traditional security solutions can defend against malware and known vulnerabilities, but are generally ineffective in this new era of stealthy, unknown threats from both outside and inside the organization. These threats evade detection, bypass security controls, and wreak havoc on an organization’s network, applications, and data. But despite these dangers, our study found, among those surveyed, organizations are just not prepared," said Matt Medeiros, vice president and general manager, Dell Security Products.
Key findings from the market study include:
The dramatic spike in social engineering, malicious and/or accidental internal attacks, as well as sophisticated, advanced persistent threats means the organization is vulnerable from all directions.
According to the Dell assessment, all stakeholders must immediately take action to strengthen access to points inside and outside the perimeter, and help users prevent such attacks.
Among the IT decision-makers surveyed, bring your own device (BYOD) programs, cloud and the Internet were the top areas of concern for security threats.
According to the findings of a global security survey sponsored by Dell, the majority of IT leaders around the world say they don’t view these threats as top security concerns and they're not prioritizing how to find and address them across the many points of origin.
Apparently, what you don't know can be very harmful. When respondents were asked to look at long term priorities, only 37 percent ranked "unknown threats" as a top security concern in the next five years.
Epidemic threats come from all perimeters, and are often hidden in poorly configured IT account settings or permissions, and ineffective data governance, access management and mainstream employee usage policies.
“Traditional security solutions can defend against malware and known vulnerabilities, but are generally ineffective in this new era of stealthy, unknown threats from both outside and inside the organization. These threats evade detection, bypass security controls, and wreak havoc on an organization’s network, applications, and data. But despite these dangers, our study found, among those surveyed, organizations are just not prepared," said Matt Medeiros, vice president and general manager, Dell Security Products.
Key findings from the market study include:
- 64 percent of respondents agree that organizations will need to restructure/reorganize their IT processes, and be more collaborative with other departments to stay ahead of the next security threat. Of those surveyed in the United States, 85 percent said this approach is needed, contrasting with the U.K. (43 percent) and Canada (45 percent), which were the least convinced this would be necessary.
- Nearly 90 percent of respondents believe government should be involved in determining organizations’ cyber defense strategies, and 78 percent in the Unites States think the federal government plays a positive role in protecting organizations against both internal and external threats, which underscores the need for strong leadership and guidance from public sector organizations in helping secure the private sector.
Beware of Unknown Security Threats
The dramatic spike in social engineering, malicious and/or accidental internal attacks, as well as sophisticated, advanced persistent threats means the organization is vulnerable from all directions.
According to the Dell assessment, all stakeholders must immediately take action to strengthen access to points inside and outside the perimeter, and help users prevent such attacks.
- 67 percent of survey respondents say they have increased funds spent on education and training of employees in the past 12 months; 50 percent believe security training for both new and current employees is a priority.
- 54 percent have increased spending in monitoring services over the past year; this number rises to 72 percent in the United States.
Among the IT decision-makers surveyed, bring your own device (BYOD) programs, cloud and the Internet were the top areas of concern for security threats.
- BYOD ─ A sizable number of respondents highlighted mobility as the root cause of a breach, with increased mobility and user choice flooding networks with access devices that provide many paths for exposing data and applications to risk.
- 93 percent of organizations surveyed allow personal devices for work. 31 percent of end users access the network on personal devices (37 percent in the United States).
- 44 percent of respondents said instituting policies for BYOD security is of high importance in preventing security breaches.
- 57 percent ranked increased use of mobile devices as a top security concern in the next five years (71 percent in the U.K.).
- 24 percent said misuse of mobile devices/operating system vulnerabilities is the root cause of security breaches.
- Cloud ─ Many organizations today use cloud computing, potentially introducing unknown security threats that lead to targeted attacks on organizational data and applications. Survey findings prove these stealthy threats come with high risk.
- 73 percent of respondents report their organizations currently use cloud (90 percent in the United States).
- Nearly half (49 percent) ranked increased use of cloud as a top security concern in the next five years, suggesting unease for the future as only 22 percent said moving data to the cloud was a top security concern today.
- In organizations where security is a top priority for next year, 86 percent are using cloud.
- 21 percent said cloud apps or service usage are the root cause of their security breaches
- Internet ─ The significance of the unknown threats that result from heavy use of Internet communication and distributed networks is evidenced by the 63 percent of respondents who ranked increased reliance upon internet and browser-based applications as a top concern in the next five years.
- More than one-fifth of respondents consider infection from untrusted remote access (public wifi) among the top three security concerns for their organization.
- 47 percent identified malware, viruses and intrusions often available through web apps, OS patching issues, and other application-related vulnerabilities as the root causes of breaches.
- 70 percent are currently using email security to prevent outsider attacks from accessing the network via their email channel.