As foreign state-sponsored attackers turn up the heat on corporate targets, security operations staffers are losing confidence in their ability to stave off these threats. New survey results released this week showed that confidence levels among IT security professionals has slipped this year, with fewer than half of them feeling sure they can keep up with new and emerging threats.
Conducted among Black Hat attendees by Lieberman Software, the survey asked infosec professionals about their organizations' readiness to respond to state-sponsored and other advanced attacks. The study found that 59% of respondents believe their organizations are likely to be the target of a state-sponsored attack sometime in the next six months.
This kind of awareness likely comes from the increasing prevalence of successful state-sponsored attack incidents hitting the headlines. And these attacks are no longer just limited to military contractors. Just last month it was found that state-sponsored attackers from China broke into Community Health Systems (CHS) and stole data about 4.5 million patients.
[How much do enterprises really care about IAM? Read Identity and Access Management Market Heats Up.]
According to this week's survey results, 48% do not think their staff or tools would be able to detect such attacks. Meanwhile only 41% of respondents think that their tools and processes are able to keep up with new and emerging threats. That represents a drop in confidence compared to the same survey conducted last year, when 57% of IT security pros said they believed they could keep up.
According to Phil Lieberman, CEO of the firm, the results could suggest a mind shift as infosec pros view many existing IT security infrastructure investments as a "gigantic waste of money."
"IT professionals are backing away from legacy and analyst-recommended solutions and strategies, since they are toxic to their company and their personal careers," he says, pointing to fallout from breaches at Target and Home Depot as examples. "Only strong senior leadership will fix the current security debacle of weak internal security as there are no 'get out of jail free' cards from the auditor or analyst community."
This strong leadership should be directed at better security design and improved processes. But that may not be easy, as in many cases for controls that improve things like least privilege access, greater accountability for all users, and increased segmentation of data and networks. All of that may require the "breakdown of existing political power bases" within enterprises, he says.
"In effect, this is an act of creative destruction that reorganizes the operations of companies along military lines of information compartmentalization and builds in the necessary systems to be resilient against attacks," Lieberman says.