Twitter Facebook Google RSS
National Defense > Blog > Posts > Survey: Companies Failing to Prepare for Unknown Cyber Security Threats
Survey: Companies Failing to Prepare for Unknown Cyber Security Threats
By Yasmin Tadjdeh

Companies are funneling more money into cyber security, but not enough are preparing for future, dangerous "unknown threats," according to a recent survey.

Many companies are investing in cyber security, but a Dell report found that only 18 percent of IT leaders interviewed considered "predicting and detecting unknown threats a top security concern."

At the same time, 73 percent of those asked said their company had experienced a security breach in the last year.

Companies must become proactive at preventing unknown cyber threats, said Paul Christman, vice president of public sector for Dell Software. Unknown threats are considered external actors that are fast and often able to transform quickly, he said.

Many security programs use patches or firewalls, but this is a reactive and based only on known threats, he said.

"If all you do is play defensive, if all you do is react to what has been identified as bad behavior, or bad activity or some sort of bad actor someplace, you're always going to be one step behind," Christman said.

The study, which was conducted in the fall of 2013, surveyed 1,440 IT decision makers in organizations with 500 employees or end users throughout the world, in both the private and public sectors.

To find these unknown threats, companies need to look at data and see if traces of intrusions are left behind, Christman said. If they can connect markers of intrusions, they can predict future attacks and move the unknown into the known, he said.

"That moves you into predicative, proactive protection. You're not going to get it by just looking at the firewall, you're just not going to get it by looking at virus signatures [and] you're not going to find it by looking at malware, because those things are already known," he said.

Investing in only known threats creates unnecessary risk, he said.

Of the industry officials polled, 83 percent said their companies had "security processes that enable them to immediately identify a security breach." The actual timeframe, officials reported, was an average of seven hours to detect an intrusion, the report said.

In reality, it can take some companies months to discover that there has been an intrusion in their networks, Christman said. Even if all companies could detect a presence in their network within seven hours, that can be unacceptable depending on the industry, he said.

"If you are dealing with a financial trading system, can you tolerate that being down for seven hours? Absolutely not. You wouldn't tolerate it being down for seven seconds," Christman said.

Stopping hackers and thieves needs to be a collective effort between the public, the government and industry, Christman said. As more attacks target private information, such as medical, financial or computer data, the public will become increasingly aware of the dangers, he said.

"Anybody that is a consumer or producer needs to participate in this," Christman said.

Photo Credit: Thinkstock


There are no comments yet for this post.
Items on this list require content approval. Your submission will not appear in public views until approved by someone with proper rights. More information on content approval.

Name: *

eMail *

Comment *



Name: *

eMail *

Comment *


Please enter the text displayed in the image.
The picture contains 6 characters.

Characters *


Legal Notice *

NDIA is not responsible for screening, policing, editing, or monitoring your or another user's postings and encourages all of its users to use reasonable discretion and caution in evaluating or reviewing any posting. Moreover, and except as provided below with respect to NDIA's right and ability to delete or remove a posting (or any part thereof), NDIA does not endorse, oppose, or edit any opinion or information provided by you or another user and does not make any representation with respect to, nor does it endorse the accuracy, completeness, timeliness, or reliability of any advice, opinion, statement, or other material displayed, uploaded, or distributed by you or any other user. Nevertheless, NDIA reserves the right to delete or take other action with respect to postings (or parts thereof) that NDIA believes in good faith violate this Legal Notice and/or are potentially harmful or unlawful. If you violate this Legal Notice, NDIA may, in its sole discretion, delete the unacceptable content from your posting, remove or delete the posting in its entirety, issue you a warning, and/or terminate your use of the NDIA site. Moreover, it is a policy of NDIA to take appropriate actions under the Digital Millennium Copyright Act and other applicable intellectual property laws. If you become aware of postings that violate these rules regarding acceptable behavior or content, you may contact NDIA at 703.522.1820.



Bookmark and Share