BreachExchange mailing list archives

Security undermined by companies investing in the wrong areas


From: Audrey McNeil <audrey () riskbasedsecurity com>
Date: Wed, 16 Jul 2014 18:48:39 -0600

http://www.information-age.com/technology/security/123458243/security-undermined-companies-investing-wrong-areas

More than 96% of organisations experienced a significant IT security
incident in the past year, according to a new report from network security
solutions provider ForeScout Technologies conducted by IDG Connect. The
majority of IT organisations are aware that some of their security measures
are immature or ineffective, but only 33% have high confidence that their
organisations will improve their less mature security controls.

Also evident in the results, increasing operational complexity and threat
landscape have affected security capacity as more than 43% perceive that problem
prevention, identification, diagnosis and remediation are more challenging
than two years ago. On aggregate, one in six organisations had five or more
significant security incidents in the past 12 months. While confidence in
IT security management appears optimistic, overall findings showed a
contradiction in efficacy and likely investment compared to where incidents
have been most impactful.

Finding highlights

The need to improve security management is evidenced by the growing number
of industry and regulatory compliance frameworks specifying security
measures and how sensitive information is protected both on and
off-premise. Network complexity, exposure diversity and threat velocity are
challenging security operations. But organisations don’t know where they
stand and where they are going without a baseline.

The survey, conducted and compiled during May and June of 2014, illustrates
the nature of security threats and the extent of defence maturity arrayed
against organisations with more than 500 employees in the finance,
manufacturing, healthcare, retail and education sectors in the U.S., U.K.,
Germany, Austria and Switzerland.

While the complete 2014 Cyber Defence Maturity Report offers more extensive
data, analysis and inference, the survey highlights include findings that
one in six organisations had five or more significant incidents, and 39%
had two or more incidents.

Top security incidents comprised phishing, compliance policy violations,
unsanctioned device and application use, and unauthorised data access. 40%
reported that security management tasks are more challenging now than two
years ago; specifically problem prevention, diagnosis, identification and
remediation, and the most frequently cited security issues were from malware
and advanced threats, application and wireless security, network resource
access, unsanctioned application and personal mobile device use, and data
leakage.

Control practices indicated as relatively immature were personal mobile
device usage, perimeter threats, inventory management and endpoint
compliance, virtualisation security, rogue device and application security.
However, only 54% of respondents said they were somewhat confident in the
likelihood of improvement over the next 12 months.

Over 61% cited low to no confidence on network device intelligence,
maintaining configuration standards and defences on devices, and ensuring
virtual machine and remote devices adhere to policy.

The top five security technologies perceived to have the greatest
interoperability value were firewalls, anti-malware, network access control
(NAC), mobile device management (MDM), and advanced threat detection (ATD).

Industry and regional highlights

Malware and APT attacks were rated as a top priority across all industries
and regions, yet it appears that there is lower likelihood of investing
further resources to reduce perimeter threats.

Significant compliance policy violations that consumed a large amount of
time to recover from occurred an average of 2.6 times in the last 12 months
on aggregate across all three regions, but more in the U.S. as compared to
U.K. and DACH countries.

Manufacturing, education and finance sectors in general appear more prone
to phishing attacks while the healthcare sector was more likely to
experience higher than average compliance policy violations. The exception is
the manufacturing vertical in the UK where unsanctioned application and
device use, compliance policy violations and zero-day malware showed more
incidents.

Healthcare was more concerned about data leakage monitoring issues compared
to manufacturing, education, retail and finance. Compared to the
other verticals in the UK and/or security concerns, data leakage monitoring
is by far the most important issue to healthcare in the UK; and in
particular in the DACH region unsanctioned device and application use and
system breaches appear more problematic.
_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss
For inquiries regarding use or licensing of data, e-mail
        sales () riskbasedsecurity com 
