Standard security technology such as anti-virus, firewalls, intrusion detection and protection are no longer effective.
According to a survey of 205 attendees at last week's RSA Conference in San Franscisco, 59 per cent said that firewalls were no longer effective against state-sponsored cyber attacks, while 48 per cent said the same of anti-virus and 39 per cent of intrusion detection systems (IDS) and intrusion prevention systems (IPS).
“What is surprising about these figures is that only 50 per cent of cyber security professionals believe their organisation is a potential target for state-sponsored cyber attacks. I would say the real figure is much higher. Attacks are so stealthy most organisations are unable to detect when they are being attacked,” he said.
Another survey of 150 delegates at the conference by F5 Networks found that half believe that their traditional IT safeguards are less than adequate for modern security threats introduced by virtualisation, bring your own device (BYOD) and complex attack vectors.
It found that 73 per cent felt that virtualisation was the biggest challenge, while 72 per cent opted for the increasing complexity of threats (such as distributed denial-of-service attacks) and 66 per cent said BYOD and use of employee-owned devices such as smartphones for business use was the biggest challenge.
The shift from traditional client-server applications to web-based applications was a challenge for 44 per cent, while a move from a data centre-focused infrastructure to a cloud-based infrastructure was a challenge for 45 per cent.
Mark Vondemkamp, VP of product management for security at F5 Networks, said: “The security landscape continues to change rapidly and many organisations are struggling to properly address evolving threats.
“Companies will do well to proactively address trends like BYOD and cloud security, but they should also look to raise their game in terms of threat detection and mitigation. With employee behaviour, business priorities and infrastructure demands further expanding traditional threat vectors, the proper tools and procedures are essential in maintaining a healthy level of security.”