BY Richard Summerfield
Cyber threats are evolving all the time, and while cyber criminals become more sophisticated and better equipped, it is the responsibility of companies to ensure that they are well prepared for any attacks. Yet, according to a new report from Alert Logic, many organisations lack confidence that their systems can withstand an assault.
The ‘Threat Monitoring, Detection and Response Report’ notes that companies are increasingly under attack from ransomware and phishing, and frequently experience data losses (these are the three biggest concerns for companies). Yet many cyber security executives in the UK are unconvinced that their company’s overall security posture is adequate.
Just 42 percent of the 400 executives surveyed indicated that they were moderately confident about their company’s ability to repel an attack. Thirty-two percent of executives felt that their company was more likely to experience a cyber breach in the next 12 months, compared to a year ago. Twenty-nine percent believed a breach was less likely, 22 percent did not expect the threat to change and 17 percent were unsure.
Many companies expressed concern about their ability to resist attacks. Primarily, executives believed that a lack of budget (51 percent), a lack of skilled personnel (49 percent) and lack of security awareness (49 percent) were the most significant obstacles facing security teams and the biggest barriers companies face when trying to defend themselves from attack.
Insiders are another growing concern for respondents. Fifty-four percent of those surveyed perceived a growth in these threats over the past year. Indeed, inadvertent insider breaches were cited as the biggest internal threats companies faced (61 percent). Insufficient user training contributed considerably, with 57 percent of respondents claiming that improving training would help overcome internal threats.
Yet despite the increased profile of cyber threats in the media, many cyber security executives do not expect to see their budgets increase substantially. Only 32 percent expect to get more, while 9 percent expect to receive less and 54 percent anticipate the same level.
A number of organisations are utilising threat intelligence platforms to respond to attackers. Forty-seven percent of respondents reported that they were deploying open-source threat intelligence. Thirty-seven percent claimed that they uses a range of commercial vendors. Forty-nine percent claimed that the use of threat intelligence platforms had a positive impact on reducing data breaches.