Threat Intelligence

6/26/2018
09:00 AM

Black Hat Survey: Enterprise Tech, US Government Unprepared for Cyberattacks

The 2018 Black Hat Attendee Survey reveals worries over the effectiveness of enterprise security technology and the threat to US infrastructure.

More than two-thirds (69%) of cybersecurity experts predict a successful cyberattack will hit US infrastructure within the next two years – and a majority express low confidence both in security technology to protect their organizations and in the US government to defend the nation against attacks.

Respondents to the 2018 Black Hat Attendee Survey, a group of 315 IT and security pros who attended the conference in 2017 or who are registered for this year's conference, were asked to rate the effectiveness of technologies available to enterprise security teams. It was the first time this question was included in the survey, and responses indicate the security community sees ample room for improvement.

In a list of 18 technologies, only three were rated as "very effective" or "somewhat effective" by a majority of participants: encryption, multifactor authentication tools, and firewalls. The remaining 15 were ranked "effective" by 47% or fewer respondents, with mobile security tools, data leak protection, and passwords rounding out the bottom three. Only 19% said passwords are very/somewhat effective; 37% said they are "not at all effective" or "not very effective."

It wasn't the only area where most attendees were in agreement. Respondents voiced similar thoughts on many areas across the security spectrum including which nation(s) will be behind a major cyberattack on the US, staffing issues, and concerns around data security and privacy.

Meanwhile, security pros feel under-resourced again this year: the majority of respondents say they do not have enough staff, budget, or training to meet the threats their organizations will face in the next 12 months.

Cyberattacks Threaten an Ill-Prepared US Government

The majority (52%) of respondents think Russian cyber activity had a "substantial impact" on the 2016 US election. Seventy-one percent think cyber initiatives from Russia, China, and North Korea threaten the security of US data, the report states.

One open-ended question asked attendees which global or political issues concern them most. Many cited nation-state threats ranging from espionage to steal US enterprise data to "all-out cyberwar." Many cited issues affecting the US government: election fraud, lack of cyber resources, and the choice to eliminate the position of federal cyber advisor.

Forty-three percent of experts polled think the greatest threat to US infrastructure is an attack by a large nation-state such as Russia or China. However, it seems an attack by a financially motivated cybercriminal group is more concerning (11%) than an attack from a politically motivated terrorist group (7%) or a rogue nation-state like North Korea (3%).

The danger is real but most don't think the US is equipped to face it: Only 15% of respondents think the government understands cyberthreats and will take steps to defend the country. Thirteen percent think Congress and the White House understand the cyberthreat and only 16% of respondents approve of President Trump's performance, the report shows.

The Future of Privacy is Bleak

Security experts have a gloomy outlook on the state of data privacy, a mindset shaped by the recent Facebook investigation, data breach reports, and the European General Data Protection Regulation (GDPR), which went into effect last month. Thirty percent of respondents claim they haven't begun any GDPR-related initiatives, nor do they know if their business is compliant. More than one-quarter (26%) don't think they are subject to GDPR regulations.

More than half (55%) of respondents say they advise customers and internal users to reconsider data shared on Facebook. The majority (65%) limit their own Facebook usage or avoid the social platform entirely due to security concerns. Only 26% of respondents think it will be possible for people to protect their online identity and privacy in the future.

"This is a bleak outlook indeed when coming from those who understand the threat best, and in many cases, are professionally tasked with protecting that data," the report states.


Kelly Sheridan is the Staff Editor at Dark Reading, where she focuses on cybersecurity news and analysis. She is a business technology journalist who previously reported for InformationWeek, where she covered Microsoft, and Insurance & Technology, where she covered financial ...

Comments
nirgx,
User Rank: Author
7/10/2018 | 8:06:58 PM
Effectiveness of Technologies
After looking at the survey, specifically the list of "Effectiveness of Technologies in Protecting Data", I wouldn't say the results are surprising - passwords at 19% and AV at 30% is actually a pretty good reflection of reality. But firewalls at 62% is kind of ruining that. With today's attack techniques, most hackers that successfully penetrate an organization wouldn't even know a firewall was there.
thescottking,
User Rank: Apprentice
6/28/2018 | 10:36:30 AM
Inevitable
Endpoint (mobile, IoT) proliferation for monitoring and controls is going to exacerbate the resources issue well into the future. Lines of business want more speed and efficiency but the constraints on security teams severely limit the demand from the business. Tell your kids to get computer science and cyber-related degrees.
Joe Stanganelli,
User Rank: Ninja
6/26/2018 | 10:55:38 PM
Already
Cyberattacks on US infrastructure have almost certainly happened already. Researchers have previously been able to demonstrate proofs of concept if not actually compromise dams and other critical infrastructure.

This goes extra if we count voting as infrastructure, given how notoriously unsecure voting machines and online voting are.