According to Lancope's director of security research, Tom Cross, this scenario is not likely. "Any system you connect to the Internet is going to be targeted by attackers very quickly thereafter," he said. "I would assert that if you're unsure whether or not your organization has had a security incident, the chances are very high that the answer is yes."
The survey also revealed that 38 percent believe recent security incidents had no impact on their organization. According to Cross, "even the most basic malware infection has some financial cost to the organization, even if it's just the cost to clean infected machines. Not to mention the additional serious consequences that can result from a breach, including data loss, customer distrust, regulatory fines and many others."
Nearly 18 percent of respondents did admit to recently suffering from malware, and 16 percent said they had been the victim of distributed denial-of-service (DDoS) attacks. It is possible that many of these organizations have also suffered from other, more stealthy attacks and are just not aware. Insider threats, for example, can be difficult to detect because attackers have authorized access to the data they are looking to steal. Advanced, external attackers can also fly under the radar by constructing attacks that are likely to evade commonplace network security solutions.
Organizations were more realistic when evaluating the potential risk of insider threats to their infrastructure, with 32 percent naming it as one of the greatest risks. However, this concern was far overshadowed by fears associated with BYOD and mobile devices, coming in at over 50 percent. Because traditional security strategies cannot be easily applied to employee-owned assets, enterprise security professionals suffer from a lack of network visibility when it comes to mobile devices. This blind spot is obvious; but what about the blind spots that organizations don't realize they have?
Areas of blind spots within the typical enterprise are many, including applications, network traffic, network devices, user activity, virtualized appliances and data centers, to name a few. Lancope was encouraged to also see "lack of visibility" top the list of greatest risks identified by survey participants, as well as "monitoring user activity" designated as a key challenge. Technologies like NetFlow can provide the much-needed visibility that many organizations currently lack.
Lancope's StealthWatch® System collects and analyzes NetFlow and other flow data from existing infrastructure to provide a complete picture of everything going on across the network. This pervasive visibility enables organizations to quickly identify and address anomalies in network and user behavior that could signify a potential security risk. Not relying on signature updates to detect attacks, StealthWatch can identify a wide range of security issues within the network, including advanced attacks such as zero-day malware, APTs and insider threats.
"Organizations need to make sure that, when faced with the inevitable, they can identify an incident as quickly as possible," said Cross. "With new attacks making headlines on a nearly weekly basis, it's time for organizations to take a more strategic, holistic approach when it comes to network security."
To access the full Lancope survey, go to: http://www.lancope.com/files/documents/Industry-Reports/Lancope-Security-Report-2013.pdf.