
11/16/2010
04:00 PM
Dark Reading

Survey Reports 96% Of Orgs Unprepared For Network Breaches

Solera Networks completes 2nd Annual Network Forensics Survey

Salt Lake City, UT, Nov. 16, 2010 – Solera Networks™, a leading real-time network forensics products company, announced the completion of the 2nd Annual Network Forensics Survey. The survey, conducted by Trusted Strategies, polled more than 200 security professionals within large organizations to determine their capabilities to detect and respond to advanced threats that target security environments. The results reveal that a vast majority of organizations are not adequately prepared to determine source and scope of attacks.

“We have seen a shift in the type of threats organizations are having to deal with,” said Peter Schlampp, Vice President of Marketing and Product Management at Solera Networks. “Opportunistic theft and vandalism on networks is being replaced with targeted, multi-component, persistent attacks focused on specific systems and assets. Results of the study clearly show that most organizations are ill prepared to prevent and respond to these incidents.”

According to Lawrence Dietz, General Counsel and Managing Director at TAL Global, who participated in the survey, “It is our experience that most organizations are not prepared to deal with this kind of incident because they don’t understand that valuable digital evidence is lost as soon as the breach is over. Most organizations fail to employ proactive forensic tools.”

Nearly all participants (96 percent) recognize the importance of real-time situational awareness, yet only about 19% say their network security teams have this capability. In-depth interviews indicate that only a fraction of this group can gather enough information from an attack to prevent it again in the future.

Highlights of the survey findings include:

• 82% said that it’s likely they will experience a significant security incident within the next 3 years.
• 96% feel threatened by employee web activity, and 71% fear that instant messaging poses security threats.
• 92% expressed concern over lengthy recovery times.
• 64% of respondents said they don’t have the data or tools to efficiently determine the full scope of security incidents. 20% said it’s “impossible to determine scope.”
• 96% recognize the value of real-time situational awareness and network forensics, yet only about 19% say they have the capability.

“Sourcefire endorses the pro-active research Solera Networks conducted and together with Solera Networks, we are committed to delivering our customers the products and solutions to enable swift incident response to any security event,” said Douglas Hurd, Director of Technical Alliances at Sourcefire. “Despite all the security tools organizations have in their arsenal, it is often difficult to determine the right priority and proper response to an incident. This result is once again proven by the Solera Networks survey.”

The full survey report is posted at: www.soleranetworks.com/survey.

About Solera Networks

Solera Networks develops a high-speed network surveillance and forensics platform for complete capture, indexing, search, retrieval, and reconstruction of any network event. Our systems capture every packet at line rates up to 10Gbps on physical and virtual networks. The Solera Networks architecture provides open platform interoperability, extensible storage, and portability for any network, giving security professionals comprehensive network visibility. For more information on Solera Networks, visit www.soleranetworks.com.

About Sourcefire

Sourcefire, Inc. (Nasdaq:FIRE), is a world leader in intelligent cybersecurity solutions. Sourcefire is transforming the way Global 2000 organizations and government agencies manage and minimize network security risks. Sourcefire’s IPS, Real-time Network Awareness and Real-time Adaptive Security solutions equip customers with an efficient and effective layered security defense – protecting network assets before, during and after an attack. Through the years, Sourcefire has been consistently recognized for its innovation and industry leadership by customers, media and industry analysts alike – with more than 50 awards and accolades. Today, the name Sourcefire has grown synonymous with innovation and network security intelligence. For more information about Sourcefire, please visit http://www.sourcefire.com.
