IT security pros shouldn't try to 'prevent everything'

10 Comments

hand stop

A new survey by Countercept by MWR InfoSecurity highlights all the frustrations IT security experts are experiencing as they’re trying their best to protect their company’s assets and employees.

The survey, conducted during Infosecurity Europe, asked 301 IT security professionals about their company’s ability to detect and deter cyber-attacks.

A third doesn’t believe they have the skills, manpower or technology to detect attacks "that matter". The report doesn’t say which types of attacks matter, and which not, although it rounds them all under those that "do damage".

It did say, however, that an increased threat landscape, with laptops, tablets, smartphones, wearables, and whatnot, is putting a lot of strain on security experts.

Almost two thirds (62 percent) said they can’t defend "everything, all of the time". Just above half (51 percent) said employees are to blame, 50 percent blamed the speed of change, and 46 percent blamed the lack of resources.

"Many security solutions focus wholly on cyber-attack prevention, but determined attackers will always find a workaround. That’s why prevention alone is not enough, and perhaps why the people spoken with during this study felt ill prepared", suggests Peter Cohen, strategic director of Countercept. "The reality is that the odds are very much stacked in the hackers’ favor, with organizations playing catch up as they try to anticipate an attacker’s next move, trying to stay one step ahead instead of always constantly behind. But it’s not easy".

Cohen says the biggest problem is that companies are trying to "prevent everything" instead of focusing on identifying damage-causing attacks. "This is built on three key sources of data: log files, network traffic and the endpoint systems themselves", Cohen says. "Visibility of all three is an absolute must to reverse the tables and identify the attacks that matter".

Published under license from ITProPortal.com, a Net Communities Ltd Publication. All rights reserved.

Photo Credit:  AlexandreNunes/Shutterstock

10 Comments

10 Responses to IT security pros shouldn't try to 'prevent everything'

Got News? Contact Us

Recent Headlines

We're not going to deal with today's IT admin issues with yesterday's technology

AI-powered data management: Navigating data complexity in clinical trials

Workforces need the skills to defend against AI-enabled threats

Overcoming real-time data integration challenges to optimize for surgical capacity and better care

From Windows XP to Windows 10 -- How Microsoft's end-of-life nag screens have changed

Pour one out for the Linux homies: Fedora 40 released

Phishing attacks up 60 percent driven by AI

Most Commented Stories

Say goodbye to Microsoft Windows 11 and hello to Nitrux Linux 3.4.0 'pl'

62 Comments

The stunning Windows 13 -- yes, 13! -- is the Microsoft operating system we want

20 Comments

Windows 11 slammed for its 'comically bad' performance even on high-end hardware

18 Comments

Microsoft is up to its old tricks yet again -- Windows 10 users harassed with full-screen Windows 11 upgrade warnings

17 Comments

Outrageous: Microsoft to charge $61 for Windows 10 updates -- consider switching to Linux!

17 Comments

Microsoft 'improves' Windows 11 by bringing ads to the Start menu in the US

16 Comments

Microsoft releases preview version of Office 2024 for Windows and macOS -- download it now!

12 Comments

Easter giveaway! Get a licensed copy of 'VideoProc Converter for Windows/Mac' (worth $78.90) for FREE

10 Comments

© 1998-2024 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.