Hackers can get past even the best defence-in-depth security products, according to a recent NSS Labs Inc. report.
Not every cyber-attack is preventable, but with a cyber-resilience programme, the risk of damage can be reduced or completely avoided. The effectiveness of intrusion prevention system products was on average, 94 percent in 2013 (including block rates, and anti-evasion capabilities), which is generally quite effective. A test on next-generation firewalls revealed the product which was most effective scored 98.5 percent, with most of the products being over 90 percent effective.
However, even if organisations were to use the most effective products, they still wouldn't obtain 100 percent protection. Attacks that slip past one product are likely to slip past another, leaving large gaps in the security. It isn't the 98.5 percent effectiveness that is the issue, it's the 1.5 percent of missed attacks, which could lead to a data breach.
Some of the attacks that are not detected are zero-day attacks, similar to those that reportedly hit JP Morgan; whilst most of the current cyber-attacks use sophisticated activities to take hold of an organisation's systems, and from there can release confidential information. Other attacks are just hackers guessing passwords, demonstrating the fact that unsophisticated attacks can also be problematic.
In order to prevent any attacks from going ahead unnoticed, system engineering should be based on cyber-risk management to ensure functions can operate well, even when the system is compromised, says the report.