Lancope Survey: Enterprises in Denial Regarding Network Security
Nearly two-thirds of surveyed organizations not aware of any recent security incidents
ATLANTA, August 5, 2013 – Lancope, Inc., a leader in network visibility and security intelligence, has released a survey indicating that many enterprises possess an unrealistic confidence surrounding the security of their networks. According to the survey, more than 65 percent of IT/security professionals did not think, or were unsure whether, they had experienced any security incidents within the last 12-18 months.1
According to Lancope’s director of security research, Tom Cross, this scenario is not likely. “Any system you connect to the Internet is going to be targeted by attackers very quickly thereafter,” he said. “I would assert that if you’re unsure whether or not your organization has had a security incident, the chances are very high that the answer is yes.”
The survey also revealed that 38 percent believe recent security incidents had no impact on their organization. According to Cross, “even the most basic malware infection has some financial cost to the organization, even if it’s just the cost to clean infected machines. Not to mention the additional serious consequences that can result from a breach, including data loss, customer distrust, regulatory fines and many others.”
Nearly 18 percent of respondents did admit to recently suffering from malware, and 16 percent said they had been the victim of distributed denial-of-service (DDoS) attacks. It is possible that many of these organizations have also suffered from other, more stealthy attacks and are just not aware. Insider threats, for example, can be difficult to detect because attackers have authorized access to the data they are looking to steal. Advanced, external attackers can also fly under the radar by constructing attacks that are likely to evade commonplace network security solutions.
Organizations were more realistic when evaluating the potential risk of insider threats to their infrastructure, with 32 percent naming it as one of the greatest risks. However, this concern was far overshadowed by fears associated with BYOD and mobile devices, coming in at over 50 percent. Because traditional security strategies cannot be easily applied to employee-owned assets, enterprise security professionals suffer from a lack of network visibility when it comes to mobile devices. This blind spot is obvious; but what about the blind spots that organizations don’t realize they have?
Areas of blind spots within the typical enterprise are many, including applications, network traffic, network devices, user activity, virtualized appliances and data centers, to name a few. Lancope was encouraged to also see “lack of visibility” top the list of greatest risks identified by survey participants, as well as “monitoring user activity” designated as a key challenge. Technologies like NetFlow can provide the much-needed visibility that many organizations currently lack.
Lancope’s StealthWatch® System collects and analyzes NetFlow and other flow data from existing infrastructure to provide a complete picture of everything going on across the network. This pervasive visibility enables organizations to quickly identify and address anomalies in network and user behavior that could signify a potential security risk. Not relying on signature updates to detect attacks, StealthWatch can identify a wide range of security issues within the network, including advanced attacks such as zero-day malware, APTs and insider threats.
“Organizations need to make sure that, when faced with the inevitable, they can identify an incident as quickly as possible,” said Cross. “With new attacks making headlines on a nearly weekly basis, it’s time for organizations to take a more strategic, holistic approach when it comes to network security.”
To access the full Lancope survey, go to: http://www.lancope.com/files/documents/Industry-Reports/Lancope-Security-Report-2013.pdf.
1 – Lancope survey conducted among attendees at a large 2013 security conference in Europe.
Lancope, Inc. is a leading provider of network visibility and security intelligence to defend enterprises against today’s top threats. By collecting and analyzing NetFlow, IPFIX and other types of flow data, Lancope’s StealthWatch® System helps organizations quickly detect a wide range of attacks from APTs and DDoS to zero-day malware and insider threats. Through pervasive insight across distributed networks, including mobile, identity and application awareness, Lancope accelerates incident response, improves forensic investigations and reduces enterprise risk. Lancope’s security capabilities are continuously enhanced with threat intelligence from the StealthWatch Labs research team. For more information, visit www.lancope.com.
# # #
©2013 Lancope, Inc. All rights reserved. Lancope, StealthWatch, and other trademarks are registered or unregistered trademarks of Lancope, Inc. All other trademarks are properties of their respective owners.
Jody Ma Kissling
Lesley Sullivan/Kendra Dorr