C-Level Fears Own Security Profile

Thursday, July 25, 2013 @ 05:07 PM gHale

Senior executives are now becoming very aware of the cyber threat hanging over them with over 66 percent of the top brass concerned their companies will not be able to stop cyber threats, and one in five say their biggest concern is not knowing whether an attack is underway, a new survey found.

However, sometimes fears don’t always translate into fixes. Of those surveyed, 42 percent report not having an Incident Response Team in place, and nearly half (47 percent) said they are not making use of advanced malware analysis tools, according to the ThreatTrack Security report.

Survey: Security Metrics Too Complicated
Cyber Report: Attackers on Network
SMBs Need Data Breach Awareness
Breach Discovery: 10 Hours

The independent blind survey of 200 C-level executives at enterprises ended up conducted by Opinion Matters on behalf of ThreatTrack Security in June 2013. The results highlight the opinions of CSO, CIO, CEO and CTO executives related to the cyber security practices of their companies.

At a time when advanced persistent threats (APTs), targeted attacks, Zero Day threats and other sophisticated malware have become profitable businesses for malware writers and cybercriminals, many large enterprises are still struggling with how to protect themselves.

It is especially telling that, according to the study, 97 percent of enterprises with annual security budgets over $1million still report concerns they are vulnerable to malware attacks and cyber espionage tactics.

“Enterprises are facing an unprecedented surge of highly targeted and sophisticated threats that are designed to evade traditional malware detection technologies,” said Julian Waits, chief executive at ThreatTrack Security. “The only way to battle these threats effectively is with a combination of highly skilled cyber security professionals armed with the strongest malware analysis tools available. Companies that don’t employ the right mix of people, process and technology are making themselves excellent targets for the cyber bad guys.”

Key findings from the survey include:
• 69 percent of executives fear their organizations may be vulnerable to targeted malware attacks, APTs and other sophisticated cybercrime and cyber-espionage tactics.
• More than one in five enterprises (21 percent) said their biggest concern is not knowing whether an attack is taking place.
• 47 percent said their cyber defense does not include an advanced malware analysis tool, such as a malware analysis sandbox; 42 percent do not have a dedicated Incident Response Team employed.
• One third of the enterprises surveyed say they are aware of a targeted malware attack against their company, including 50 percent of financial services firms and 53 percent of manufacturing companies.
• 82 percent of financial services firms fret over APTs and sophisticated attacks, but only half of them employ an advanced malware analysis tool like a sandbox.
• 36 percent of enterprises said they fear losing proprietary intellectual property and trade secrets in a breach than they are about losing their customers’ personally identifiable information (such as credit card data, social security numbers or medical records).

Leave a Reply

You must be logged in to post a comment.