
6/26/2018
09:00 AM

Black Hat Survey: Enterprise Tech, US Government Unprepared for Cyberattacks

The 2018 Black Hat Attendee survey reveals worries over the effectiveness of enterprise security technology and threats to US infrastructure.

More than two-thirds (69%) of cybersecurity experts predict a successful cyberattack will hit US infrastructure within the next two years – and a majority express low confidence both in security technology to protect their organizations and in the US government to defend the nation against attacks.

Respondents to the 2018 Black Hat Attendee Survey, a group of 315 IT and security pros who attended the conference in 2017 or who are registered for this year's conference, were asked to rate the effectiveness of technologies available to enterprise security teams. It was the first time this question was included in the survey, and responses indicate the security community sees ample room for improvement.

In a list of 18 technologies, only three were rated as "very effective" or "somewhat effective" by a majority of participants: encryption, multifactor authentication tools, and firewalls. The remaining 15 were ranked "effective" by 47% or fewer respondents, with mobile security tools, data leak protection, and passwords rounding out the bottom three. Only 19% said passwords are very/somewhat effective; 37% said they are "not at all effective" or "not very effective."

It wasn't the only area where most attendees were in agreement. Respondents voiced similar thoughts on many areas across the security spectrum including which nation(s) will be behind a major cyberattack on the US, staffing issues, and concerns around data security and privacy.

Meanwhile, security pros feel under-resourced again this year: the majority of respondents say they do not have enough staff, budget, or training to meet the threats their organizations will face in the next 12 months.

Cyberattacks Threaten an Ill-Prepared US Government

The majority (52%) of respondents think Russian cyber activity had a "substantial impact" on the 2016 US election. Seventy-one percent think cyber initiatives from Russia, China, and North Korea threaten the security of US data, the report states.

One open-ended question asked attendees which global or political issues concern them most. Many cited nation-state threats ranging from espionage to steal US enterprise data to "all-out cyberwar." Many cited issues affecting the US government: election fraud, lack of cyber resources, and the choice to eliminate the position of federal cyber advisor.

Forty-three percent of experts polled think the greatest threat to US infrastructure is an attack by a large nation-state such as Russia or China. However, it seems an attack by a financially motivated cybercriminal group is more concerning (11%) than an attack from a politically motivated terrorist group (7%) or a rogue nation-state like North Korea (3%).

The danger is real but most don't think the US is equipped to face it: Only 15% of respondents think the government understands cyberthreats and will take steps to defend the country. Thirteen percent think Congress and the White House understand the cyberthreat and only 16% of respondents approve of President Trump's performance, the report shows.

The Future of Privacy is Bleak

Security experts have a gloomy outlook on the state of data privacy, a mindset shaped by the recent Facebook investigation, data breach reports, and the European General Data Protection Regulation (GDPR), which went into effect last month. Thirty percent of respondents claim they haven't begun any GDPR-related initiatives, nor do they know if their business is compliant. More than one-quarter (26%) don't think they are subject to GDPR regulations.

More than half (55%) of respondents say they advise customers and internal users to reconsider data shared on Facebook. The majority (65%) limits their own Facebook usage or avoids the social platform entirely due to security concerns. Only 26% of respondents think it will be possible for people to protect their online identity and privacy in the future.

"This is a bleak outlook indeed when coming from those who understand the threat best, and in many cases, are professionally tasked with protecting that data," the report states.


Kelly Sheridan is the Staff Editor at Dark Reading, where she focuses on cybersecurity news and analysis. She is a business technology journalist who previously reported for InformationWeek, where she covered Microsoft, and Insurance & Technology, where she covered financial ...

Comments
nirgx,
User Rank: Author
7/10/2018 | 8:06:58 PM
Effectiveness of Technologies
After looking at the survey, specifically the list of "Effectiveness of Technologies in Protecting Data", I wouldn't say the results are surprising - passwords at 19% and AV at 30% is actually a pretty good reflection of reality. But firewalls at 62% is kind of ruining that. With today's attack techniques, most hackers that successfully penetrate an organization wouldn't even know a firewall was there.
thescottking,
User Rank: Apprentice
6/28/2018 | 10:36:30 AM
Inevitable
Endpoint (mobile, IoT) proliferation for monitoring and controls is going to exacerbate the resources issue well into the future. Lines of business want more speed and efficiency but the constraints on security teams severely limit the demand from the business. Tell your kids to get computer science and cyber related degrees.
Joe Stanganelli,
User Rank: Ninja
6/26/2018 | 10:55:38 PM
Already
Cyberattacks on US infrastructure have almost certainly happened already. Researchers have previously been able to demonstrate proofs of concept if not actually compromise dams and other critical infrastructure.

This goes extra if we count voting as infrastructure, given how notoriously unsecure voting machines and online voting are.