Breaches Missed, Companies Don't Know What They're Looking For
Less than half of IT professionals (48%) would be fully confident knowing a breach had even happened, meaning that more could have taken place without their knowledge.
That's according to the Unknown Network Survey, undertaken in the UK, France, Germany and the US by Balabit, which suggested this deficiency could result in over a quarter of companies being breached in the next six months.
The research also demonstrates that businesses believe that technology struggles to keep up with security threats (73%), even though the majority think it’s effective.
“Attacks are becoming more and more sophisticated and every organization is at risk," said Csaba Krasznay, security evangelist, Balabit. “Security is no longer about simply keeping the bad guys out. Security teams must continuously monitor what their own users are doing with their access rights, as part of a comprehensive and cohesive security strategy.
“What’s really alarming, though, is that the majority of businesses know very little about the nature of the security breaches that are happening to them. Many even admit that a security breach could quite feasibly go unnoticed. That’s how loose a grip we’ve got on them, or how little we really understand them. We know about breaches, sure – but we really don’t know enough.”
The report also confirms that senior IT professionals believe that insider data breaches are the biggest threat when it comes to network security, with 80% also stating that educating employees would be the key to securing the network.
However, Mike Turner, COO of Capgemini's cybersecurity global service line, believed organizations are purely focusing on employee education and not looking at other security weaknesses in the business.
“Companies are relying on user behavior and that's not enough – they need to fall back on a multi-layered approach that focuses on the other elements of the defense.”
Source: Information Security Magazine