IT security pros shouldn't try to 'prevent everything'
A new survey by Countercept by MWR InfoSecurity highlights all the frustrations IT security experts are experiencing as they’re trying their best to protect their company’s assets and employees.
The survey, conducted during Infosecurity Europe, asked 301 IT security professionals about their company’s ability to detect and deter cyber-attacks.
A third doesn’t believe they have the skills, manpower or technology to detect attacks "that matter". The report doesn’t say which types of attacks matter, and which not, although it rounds them all under those that "do damage".
It did say, however, that an increased threat landscape, with laptops, tablets, smartphones, wearables, and whatnot, is putting a lot of strain on security experts.
Almost two thirds (62 percent) said they can’t defend "everything, all of the time". Just above half (51 percent) said employees are to blame, 50 percent blamed the speed of change, and 46 percent blamed the lack of resources.
"Many security solutions focus wholly on cyber-attack prevention, but determined attackers will always find a workaround. That’s why prevention alone is not enough, and perhaps why the people spoken with during this study felt ill prepared", suggests Peter Cohen, strategic director of Countercept. "The reality is that the odds are very much stacked in the hackers’ favor, with organizations playing catch up as they try to anticipate an attacker’s next move, trying to stay one step ahead instead of always constantly behind. But it’s not easy".
Cohen says the biggest problem is that companies are trying to "prevent everything" instead of focusing on identifying damage-causing attacks. "This is built on three key sources of data: log files, network traffic and the endpoint systems themselves", Cohen says. "Visibility of all three is an absolute must to reverse the tables and identify the attacks that matter".
Published under license from ITProPortal.com, a Net Communities Ltd Publication. All rights reserved.