Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News

7/15/2014
01:37 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

39 Percent of IT Organizations Experienced More Than Two Significant Security Incidents

As incidents increase, cybersecurity confidence undermined by contradicting investments

CAMPBELL, Calif., July 15, 2014 — ForeScout Technologies, Inc., the leading provider of pervasive network security solutions for Global 2000 enterprises and government organizations, today announced that it has published its 2014 Cyber Defense Maturity Report, which is currently available for download at www.forescout.com/stateofdefense. Independent research for the report was conducted by IDG Connect and offers key insights into the nature of security issues impacting organizations; the perceived maturity of process, controls and tools applied to preempt and contain exposures; the state of confidence in security operations; and the most likely areas for future improvement and investment. Survey respondents included 1,600 IT information security decision makers in organizations with more than 500 employees and spanning five industries in the U.S. and Europe.

Key findings of the report revealed that more than 96 percent of organizations experienced a significant IT security incident in the past year. The majority of IT organizations are aware that some of their security measures are immature or ineffective, but only 33 percent have high confidence in the likelihood that their organizations will improve their less mature security controls. Also evident in the results, increasing operational complexity and threat landscape have affected security capacity as more than 43 percent perceive problem prevention, identification, diagnosis and remediation as more challenging than two years ago.  In aggregate, one in six organizations had five or more significant security incidents in the past 12 months. While confidence in IT security management appears optimistic, overall findings showed a contradiction in efficacy and likely investment compared to where incidents have been most impactful.

The full report and infographic can be downloaded at www.forescout.com/stateofdefense. Further regional and industry comparative differences will also be made available. Join IDG Connect and ForeScout on July 31 at 8 a.m. PST / 3 p.m. GMT as they share research findings in a live webcast entitled “IT Cyber Defense – Progress and Denial” atwww.forescout.com/sodwebcast.

Finding Highlights
The need to improve security management is evidenced by the growing number of industry and regulatory compliance frameworks specifying security measures and how sensitive information is protected both on and off-premise. Network complexity, exposure diversity and threat velocity are challenging security operations. But organizations don’t know where they stand and where they are going without a baseline. The survey, conducted and compiled by IDG Connect during May and June of 2014, illustrates the nature of security threats and the extent of defense maturity arrayed against organizations with more than 500 employees in the finance, manufacturing, healthcare, retail and education sectors in the U.S., U.K., Germany, Austria and Switzerland.

While the complete 2014 Cyber Defense Maturity Report offers more extensive data, analysis and inference, survey highlight results are:

§  One in six organizations had five or more significant incidents, and 39 percent had two or more incidents.

§  Top security incidents comprised of phishing, compliance policy violations, unsanctioned device and application use, and unauthorized data access.

§  40 percent reported that security management tasks are more challenging now than two years ago; specifically problem prevention, diagnosis, identification and remediation.

§  Most frequent cited security issues were from malware and advanced threats, application and wireless security, network resource access, unsanctioned application and personal mobile device use, and data leakage.

§  Control practices indicated as relatively immature were personal mobile device usage, perimeter threats, inventory management and endpoint compliance, virtualization security, rogue device and application security. However, only 54 percent of respondents said they were somewhat confident in the likelihood of improvement over the next 12 months.

§  Over 61 percent cited low to no confidence on network device intelligence, maintaining configuration standards and defenses on devices, and ensuring virtual machine and remote devices adhere to policy.

§  The top five security technologies perceived to have the greatest interoperability value were firewalls, anti-malware, network access control (NAC), mobile device management (MDM), and advanced threat detection (ATD).

Industry and Regional Highlights

§  Malware and advanced persistent threat (APT) attacks were rated as a top priority across all industries and regions, yet it appears that there is lower likelihood of investing further resources to reduce perimeter threats.

§  Significant compliance policy violations that consumed a large amount of time to recover from occurred an average of 2.6 times in the last 12 months on aggregate across all three regions, but more in the U.S. as compared to U.K. and DACH countries.

§  Manufacturing, education and finance sectors appear more prone to phishing attacks while the healthcare sector was more likely to experience higher than average compliance policy violations.

§  Healthcare was more concerned about data leakage monitoring issues compared to manufacturing, education, retail and finance, and in particular, in the DACH region, where unsanctioned device and application use and system breaches appear more problematic.

§  Financial institutions were subject to more incidents caused by phishing attacks, compliance policy violations, unsanctioned application use, and data leakage, and overall found problem remediation more challenging compared to other sectors.

§  When it comes to policy definition, technical controls and mitigation capabilities, the education sector appears the least mature while the financial sector appears the most mature.

§  Countries in the DACH region have less confidence in improvements to inventory management tools than their counterparts in the U.K. and U.S.

§  78 percent of respondents on average cited BYOD as having an impact on governance, risk and compliance (GRC).  While the retail sector appears to be more progressive on BYOD security, in general, European respondents cited data wiping and encryption as having a higher impact on GRC.

“We are pleased to sponsor the 2014 Cyber Defense Maturity Report conducted by IDG Connect. The findings provide a useful snapshot of the state of exposures, controls and investment across global regions and industries,” said Scott Gordon, chief marketing officer at ForeScout. “The independent research clearly validates the need for continuous monitoring, intelligence and mitigation capabilities which are exemplified in ForeScout’s pervasive networks security solutions.”

Relevant Links
State of Cyber Defense Report
IT Cyber Defense – Progress and Denial Webcast

Tweet This: ForeScout sponsors 2014 Cyber Defense Maturity Report – check out the findings http://ow.ly/z1rVh and see the webcast http://ow.ly/z1xMp.

About ForeScout Technologies, Inc.
ForeScout delivers pervasive network security by allowing organizations to continuously monitor and mitigate security exposures and cyberattacks. The company’s CounterACT platform dynamically identifies and assesses network users, endpoints and applications to provide visibility, intelligence and policy-based mitigation of security issues. ForeScout’s open ControlFabric technology allows a broad range of IT security products and management systems to share information and automate remediation actions. Because ForeScout’s solutions are easy to deploy, unobtrusive, flexible and scalable, they have been chosen by more than 1,500 enterprises and government agencies in 54 countries. Headquartered in Campbell, California, ForeScout offers its solutions through its network of authorized partners worldwide.Learn more at www.forescout.com.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Navigating Security in the Cloud
Diya Jolly, Chief Product Officer, Okta,  12/4/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Navigating the Deluge of Security Data
In this Tech Digest, Dark Reading shares the experiences of some top security practitioners as they navigate volumes of security data. We examine some examples of how enterprises can cull this data to find the clues they need.
Flash Poll
Rethinking Enterprise Data Defense
Rethinking Enterprise Data Defense
Frustrated with recurring intrusions and breaches, cybersecurity professionals are questioning some of the industrys conventional wisdom. Heres a look at what theyre thinking about.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-18575
PUBLISHED: 2019-12-06
Dell Command Configure versions prior to 4.2.1 contain an uncontrolled search path vulnerability. A locally authenticated malicious user could exploit this vulnerability by creating a symlink to a target file, allowing the attacker to overwrite or corrupt a specified file on the system.
CVE-2019-11293
PUBLISHED: 2019-12-06
Cloud Foundry UAA Release, versions prior to v74.10.0, when set to logging level DEBUG, logs client_secret credentials when sent as a query parameter. A remote authenticated malicious user could gain access to user credentials via the uaa.log file if authentication is provided via query parameters.
CVE-2019-16771
PUBLISHED: 2019-12-06
Versions of Armeria 0.85.0 through and including 0.96.0 are vulnerable to HTTP response splitting, which allows remote attackers to inject arbitrary HTTP headers via CRLF sequences when unsanitized data is used to populate the headers of an HTTP response. This vulnerability has been patched in 0.97....
CVE-2019-1551
PUBLISHED: 2019-12-06
There is an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against 2-prime RSA1024, 3-prime RSA1536, and DSA1024 as a result of this defect would be very difficult to perform and are n...
CVE-2019-16671
PUBLISHED: 2019-12-06
An issue was discovered on Weidmueller IE-SW-VL05M 3.6.6 Build 16102415, IE-SW-VL08MT 3.5.2 Build 16102415, and IE-SW-PL10M 3.3.16 Build 16102416 devices. Remote authenticated users can crash a device with a special packet because of Uncontrolled Resource Consumption.