More than 71 percent of respondents to a recent online survey are concerned that their company is not equipped to protect itself from cyber attacks, while approximately 88 percent think the government is not equipped to protect itself.
Other findings:
-- The overwhelming majority of respondents (93 percent) believe cyber attacks are on the rise.
-- Respondents cited viruses and malware (67 percent) and DoS attacks (50 percent) as significant threats to organizations today.
-- Respondents (nearly 74 percent) expect their service provider to provide protection against cyber attacks.
-- The clear majority of respondents (90 percent) believe the best way to protect against cyber attacks is with a solution that detects, analyzes and mitigates unwanted, unwarranted or malicious traffic in real time.
Many fear critical networks face significant threats It is no surprise that the majority of survey respondents feel cyber attacks are increasing with alarming frequency. News reports of various worms, bots, viruses and identity theft have put the public on high alert. But despite an increased awareness of cyber attacks and a renewed effort by the Obama administration to fight cyber threats, few respondents feel critical government networks and company networks are adequately protected (12 percent and 19 percent, respectively).
Not only do respondents believe more cyber attacks are being levied on critical networks, an overwhelming majority (95 percent) believe those attacks are increasing in sophistication, as compared with attacks from a year or two ago. Survey results indicate an inability to protect sensitive and confidential data (69 percent) is a top concern among respondents. This is especially true in a cloud environment.
Responsibility of protection placed on carriers Although malicious activity on the Web has undoubtedly prompted most -- if not all -- organizations to put some sort of network security in place, more than 73 percent of respondents feel the onus of security should fall to their respective carriers or service providers. While not part of this study, we believe the reasons for this expectation are because of resource constraints in most organizations, the relative scarcity of skilled personnel, and the lack of widely available tools to detect and mitigate sophisticated attacks.
With a rise in the complexity and sophistication of attacks, the type of security tools that service providers deploy may well be a differentiator as customers begin to understand the real, devastating threats present in the cyber world.
As more networks become compromised, it is evident that standard approaches using signature- and policy-based software and hardware such as malware/anti-virus, firewalls, IDS/IPSs, and SEMs alone or in combination are critical but insufficient. Rather, a multi-tiered system based on vulnerability analysis and risk assessment of the data contained in the network -- enabling complete network and data visibility in distributed, heterogeneous networks and real-time processing and policy enforcement -- will emerge as a more desirable and complete solution.
Realizing that one company cannot possibly offer technology and services to cover the vast needs among organizations, cyber security vendors must cooperate with each and form a "cyber security ecosystem" and to offer more value to their customers. In an ecosystem, vendors interoperate with others in their ecosystem -- such as combining the best of forensics, visualization, data mining and storage -- in addition to their own cyber security solution. This integrated approach seems more valuable as it enables "best of breed" solutions to be combined based on the risk assessment and vulnerability analysis. By extending a vendor's product set through partnerships, cyber security vendors add critical value to their product and provide the best possible system for network protection and management.
Comment from Greg Oslan, CEO and president of Narus: Narus sponsored this survey to uncover what's important to the people most affected by malicious cyber activity -- the network and security professionals. Armed with these results, Narus can bolster its campaign to arm the world's most critical networks with cyber protection -- a solution that will provide the ability to see clearly and act swiftly.
The Narus survey focused on cyber security in the United States. Sponsored jointly with Converge! Network Digest and Government Security News, the survey queried a cross-section of security professionals in a variety of industries. The survey questions were developed by Narus, Converge! Network Digest and Government Security News, with input from noted telecom and security industry pundits. Opinions were gathered online from respondents, representing a cross-section of professionals in a variety of industries. One-on-one interviews were conducted to add more depth to the survey.
Contact: http://www.narus.com
No comments:
Post a Comment