Narus, a provider of dynamic network traffic intelligence and
analytics for protecting governments, service providers and enterprises
against cyber-threats and the risks of doing business in cyberspace,
unveiled research from a Narus-sponsored study by the Ponemon Institute
that pinpoints where cyber-warriors should concentrate their security
efforts.
Mobile security threats and nation-sponsored cyber-attacks ranked
high among major security concerns, while critical network
infrastructure organizations emerged as a top target for domestic and
foreign cyber-criminals. The study’s respondents, comprising a group of
information security experts, subsequently agreed that the most
essential security technology to thwart cyber-attacks is a system that
provides advance warning.
While mobility poses a significant threat to individuals and
organizations, well-publicized DDoS attacks launched by foreign
entities and domestic criminals alike have endangered critical
infrastructures and put cyber-warriors on high alert. The study’s
respondents felt that a few critical network infrastructures in
particular were at risk: telecom and communications (93 percent of
respondents); transportation (70 percent); and power and water
utilities (63 percent).
Respondents indicated that attacks on their respective organizations
are occurring with increased frequency. A full 63 percent of
respondents reported seeing an increase in successful intrusions over
the past 12 months, likely by a nation or criminal syndicate.
Ironically, only 27 percent of respondents have witnessed a
corresponding increase in their respective companies’ cyber security
investments. (The majority believes that a lack of staffing and
governance is the top contributing factor to cyber security deficiency
— even more so than technology.)
Of those respondents whose organizations were attacked, most
determined the origin of the attack through signatures (73 percent) or
through traffic or network intelligence (50 percent). It appears that a
combination of signature-based security and non-signature-based
approaches will be most effective. The most severe
attack vectors are SQL injection, client-side HTTP attacks, viruses and
insider threats. These attacks are considered severe because of their
consequences, such as theft of information assets, and because of the
difficulty in detecting, preventing or correcting the effects of the attacks.
Seventy-seven percent of respondents believe criminal activities
evade their firewalls; 67 percent say they evade their
antivirus/antimalware systems; and 60 percent say they evade their
intrusion detection/prevention systems. Respondents believe stealth and
secrecy in security operations, education and training within the
enterprise, alignment of security with business objectives, and a
holistic approach (multiple complementary security software products) to
enterprise security are necessary to create a strong security posture
in their respective organizations.