Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Cloud

11/6/2017
02:30 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Cyber Pros Point to 'Perfect Storm' as Security Fundamentals Face Crisis

Sunnyvale, Calif. – November 3, 2017 – RedSeal (www.redseal.net), the leader in network modeling and cyber risk scoring, today released the results of its second annual Resilience Report, which found IT Security teams are on the verge of a huge crisis.

The 2017 RedSeal Resilience Report asked 600 U.S. and UK CISOs and senior IT decision makers about the biggest challenges they face. Across the board, the majority report four areas central to cybersecurity are all at risk –  resources, preparation, detection and overarching strategy – exposing their organizations to significant cyber threats.

1.     A sophisticated threat landscape, evolving faster than teams can respond

The burgeoning threat volume and complexity is outpacing security teams' capabilities. More than half (54 percent) of senior cybersecurity professionals think the threat landscape is evolving far faster than their organization can respond. Specifically:

  • 54 percent report they don’t have the tools and resources they need
  • 55 percent can’t react quickly enough to limit damage in the event of a major security incident
  • 79 percent say their organization can’t access insights to prioritize their response to an incident
  • Only one in five (20 percent) are extremely confident their organization will continue running as usual upon discovery of a cyberattack or breach

2.     Lack of preparation is pervasive

The 2017 RedSeal Resilience Report found that only 25 percent of respondents’ organizations test their cybersecurity response to a major incident annually, if at all.  It also found a strong correlation: as time since the last test increases, executives’ confidence in the plan decreases.

  • On average, it has been nine months since organizations created a complete blueprint, model or map of their entire network. This means pathways through their constantly changing network - and access to their most valuable assets – are neither confirmed to be secure nor clearly known at all.
  • 55 percent concede they don’t test their strategies frequently enough because it is resource intensive (29 percent), outside their budget (27 percent), or takes too much time (26 percent)

3.     There’s a dangerous gap between perceived and true detection times

Once a network is compromised, a cyberattack festers until it’s detected and resolved. Alarmingly, the RedSeal Resilience report reveals an industry-wide discrepancy between how long it takes from when an organization’s network is compromised to when they become aware of the event.

  • Perception:  When ranking their capabilities, cyber pros voted “detection” as their strongest area (40 percent), with respondents reporting it takes an average of six hours to discover an incident
  • Reality: Other studies of the same “time to detect” report drastically different times:

This infers that – despite detection being considered the security teams’ greatest strength – companies are struggling and not fully informed. Take for example, Sonic, which didn’t know they were hacked until their credit card processor informed them of unusual activity. They acknowledged the breach – which compromised more than five million credit cards – 11 days after the first batch of cards were uploaded for sale.

4.     Compliance - not strategy - drives security planning

Given the massive financial impact of breaches, cyber strategy should be the C-Suite’s priority. However, 97 percent of respondents report that external regulations play a major role in their cybersecurity and resilience planning and implementation.

  • 92 percent of organizations have had to adapt the way that they meet regulatory requirements due to the use of public cloud platforms such as AWS and Microsoft Azure
    • 12 percent of respondents’ organizations had to do a total rethink
    • 49 percent had to make significant changes
  • Only 27 percent are completely confident their IT systems can support these regulations
    • Therefore, 73 percent of companies which might not meet the requirements for using public clouds – such as AWS, where Deloitte faltered, and Azure, the source of hacks for Dow Jones, Verizon, and RNC to name a few –may be more exposed to attacks and breaches.

“Having any one of these four areas – resources, preparation, detection and overarching strategy –  in crisis is dangerous. Combined, they’re the harbinger of security disaster for any organization,” noted Ray Rothrock, CEO and chairman of RedSeal. “This report underscores the urgency for the leaders of cyber strategy to pivot and aggressively pursue resilience, the ability to maintain business as usual while navigating an attack, as the new gold standard.  Being prepared is the best defense.”

 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Why Vulnerable Code Is Shipped Knowingly
Chris Eng, Chief Research Officer, Veracode,  11/30/2020
Inside North Korea's Rapid Evolution to Cyber Superpower
Kelly Sheridan, Staff Editor, Dark Reading,  12/1/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-27409
PUBLISHED: 2020-12-04
OpenSIS Community Edition before 7.5 is affected by a cross-site scripting (XSS) vulnerability in SideForStudent.php via the modname parameter.
CVE-2020-27408
PUBLISHED: 2020-12-04
OpenSIS Community Edition through 7.6 is affected by incorrect access controls for the file ResetUserInfo.php that allow an unauthenticated attacker to change the password of arbitrary users.
CVE-2020-27765
PUBLISHED: 2020-12-04
A flaw was found in ImageMagick in MagickCore/segment.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. This would most likely lead to an impact to application availability, but could potentially cause ot...
CVE-2020-27766
PUBLISHED: 2020-12-04
A flaw was found in ImageMagick in MagickCore/statistic.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type `unsigned long`. This would most likely lead to an impact to application availability, b...
CVE-2020-27767
PUBLISHED: 2020-12-04
A flaw was found in ImageMagick in MagickCore/quantum.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of types `float` and `unsigned char`. This would most likely lead to an impact to application avai...