Fear of system compromise up some 50% among IT pros as perimeter dissolves

News by Mark Mayne

Concerns around compromise increase among IT pros in the face of major breaches at even the most security aware organisations, highlighting muddled responses to softening perimeter.

System compromises have become the greatest cyber concern for IT security leaders, according to new research, with almost one in four (23 percent) stating they are the greatest threat to enterprise.

Surprisingly, these fears supplanted even 2017's favourite bete noir, ransomware, which a mere (19 percent) of senior IT professionals are worried about. Financial data theft stirred up an equal 19 percent, while DDoS (17 percent) and intellectual property (IP) threats (13 percent) rounded out the top five.

Rodney Joffe, head of NISC and Neustar senior vice president and fellow, told SC Media UK that the research highlighted the importance of getting security basics right, instead of simply reinforcing perimeter measures: “Organisations need to ensure they understand where the greatest risks to their business lie, outside of just the web perimeter, and take the necessary actions to safeguard against them. From robustly securing web-facing applications, to encrypting mission-critical data and IP, fortifying your business' most valuable data and information should be the starting point. Once the basics are in place, attention should then be turned to defending against attacks before they occur.”

Most respondents (73 percent) said that recent high-profile incidents, such as the Equifax breach and Yahoo's admission of a widening breach, have affected the way they protect their business, with some planning to change infrastructure, expand teams and also outsource specific issues to IT pros, in addition to more traditional strategies such as improving firewalls and endpoint AV protection.

Javvad Malik, security advocate at AlienVault, agreed: “Merely reinforcing the perimeter is a flawed strategy because it makes two dangerous assumptions, first that the perimeter is the only place from where attacks will originate from. We know from many examples that this is not true, there are many cases of insider threats, or stolen credentials against which perimeter defences don't work. There is also the added complexity of cloud services and BYOD that often fall outside of perimeter protection.


“The second incorrect assumption is that it is possible to completely prevent attacks via hardening perimeter, or even internal systems. The fact is that given enough time and resource, a determined attacker will get through. Therefore it is essential to invest in threat detection and response controls across the perimeter, cloud, internal network, and host, to be able to effectively detect and respond to threats.”

The NISC research findings are used to benchmark the levels of concern among IT pros. The index figure is up to 9.4, up 45 percent - or nearly half as much again compared to the 6.5 rating in May 2017.

Josh Mayfield, director at FireMon, said: “Within the security industry and in society in general, we are in a constant search for a solution to this problem. We need to fully accept the new reality that the perimeter is dissolving, which doesn't mean we cannot maintain security and avoid compromise. With a dissolving perimeter, we have to examine new disciplines that evolve with us. Simply tossing a security device into a morphing network will not make anyone safe, in fact, it may do harm from a false sense of security.  These disciplines make a difference.”

The Neustar International Security Council (NISC) research polled 252 IT security CTOs, VPs, senior directors, business managers and other professionals across Europe with a security remit.

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Video and interviews