RSS Alerts

Related Links

Related Stories

  • Infosecurity Europe 2010: Organizations fall short on securing website applications
    IT security professionals in the US believe that their organizations lack proper investment in website application security, even though many of their websites contain ‘mission critical’ applications. This is according to a study conducted by the Ponemon Institute and sponsored by data security firm Imperva and WhiteHat Security, which tests websites for vulnerabilities.
  • Infosecurity Europe 2010: Survey says US boasts highest data breach costs
    A newly released global survey by the Ponemon Institute shows that, among five of the largest industrialized nations, data breaches affecting US organizations are the costliest both in terms of cost per compromised record and the overall price tag per incident.
  • Companies lag behind on cloud security
    Enterprise customers are lagging behind on cloud security, according to a study released by Symantec and the Ponemon Institute.
  • Ponemon: Cost of breaches rising
    The Ponemon Institute has published its annual survey analyzing the cost of data breaches, and has found them rising. Its report, 2008 Annual Study: The Cost of a Data Breach, analyzed input from 43 US firms and found that the cost of the average breach was up 2.5% from last year. It had risen even more sharply since 2006, climbing 11%.
  • Comment: Anti-Malware Automation Tools Save Time and Money
    IT budgets continue to be squeezed while malware challenges become more formidable each day. Matt Allen of Norman Data Defense Systems discusses how sandboxing technologies can deliver on cost-effectiveness and timeliness claims by doing high-volume malware analysis in a safe environment.
    Members' Content

News

Organizations in the dark about advanced cyberattacks

30 June 2010

Many organizations are unaware they are being targeted by advanced cyberattacks and are failing to respond effectively, according to research from the Ponemon Institute.

Some 41% of more than 500 US organizations polled said they were unable to determine if they were being targeted by zero-day and other advanced cyber threats designed to evade countermeasures.

Most respondents (83%) said their organizations had been targeted recently by advanced attacks and 71% said such attacks have increased in the past year.

According to Ponemon, zero-day attacks are the most prevalent form of advanced threat, but there is an increase in the number of known attacks that are being re-engineered to extend their use.

Half of all advanced attacks target proprietary data, while 48% are aimed at personal information, including customer and employee records, respondents said.

But IT security professionals said they are finding it difficult to respond effectively and quickly enough to defend against these attacks.

Some 80% of security managers said it takes at least a day or longer to detect such attacks. Of these, 46% said it requires at least 30 days.

Ponemon said this delay is often the result of organizations not having the right technology or training despite having the appropriate policies and procedures in place.

More than half of respondents said they have sufficient policies and procedures, but only 26% said they have adequate skills in-house and only 32% said they have the necessary defense technology.

Ponemon found that 69% of respondents use anti-virus tools and 61% use an intrusion detection system, but 90% said exploits or malware have evaded these tools, or that they are not sure.

Only 19% said their IT leaders are fully aware of the challenge of, and requirements for, defending against advanced attacks.

This story was first published by Computer Weekly

 

This article is featured in:
Business Continuity and Disaster Recovery

 

Comment on this article

You must be registered and logged in to leave a comment about this article.

Copyright © 2010
Elsevier Ltd. All rights reserved.
Terms & Conditions | Privacy | Website Design Working with water