European Reseller

Helping bring new products to market

Thursday, Jun 21st

Last updateSat, 09 Jun 2018 2pm

You are here: Home Security 25% of UK IT professionals Under Attack 2 Weeks Before they Realised
Hand Held

25% of UK IT professionals Under Attack 2 Weeks Before they Realised

raj-samaniWEB

A new report, Tackling Attack Detection and Incident Response, from Enterprise Strategy Group (ESG), commissioned by Intel Security, reveals slow responses to cyber-attacks from UK enterprises are leaving companies vulnerable to targeted online crime. This report uncovers why UK corporations struggle to detect and defend against targeted online attacks and it found  a quarter of  UK IT Professionals took over  two weeks  to realise they were under attack from an advanced cyber threat in 2014

Highlights:

•           39% admitted that a threat, once discovered took between two and twelve weeks to remove and remediate

•           Across the globe, businesses on average dealt with 78 security incidents last year

•           26% involved targeted and bespoke attacks

Raj Samani, EMEA CTO Intel Security

 

 

The study of IT and security professionals at mid and large-sized enterprises across the globe found that 25% of UK enterprises took more than two weeks to detect an advanced attack on their enterprise last year. Moreover, 39% of UK IT experts admitted that a threat, once discovered took between two weeks and three months to remove and remediate.

When asked the IT professionals from the UK ranked the following as the top three most time consuming incident detection and response tasks:

         (50%) Determining the impact and/or scope of a security incident. This includes identifying what was altered on a system, what this alteration did and analysing whether other systems were affected.

         (45%) Taking action to minimise the impact of an attack. This includes taking a system off-line and segmenting the network.

         (45%) Determining which assets, if any, remain vulnerable to a similar type of attack.

Raj Samani, EMEA CTO Intel Security, who worked on the report, points out that corporations could be leaving themselves in grave danger by failing to detect and remediate against attacks immediately. According to Samani enterprises have a ‘golden hour’ – or a window of opportunity - in which to detect and deflect an attack, if they are to minimise risk and damage to their organisation. Just as the medical profession must deliver heart-attack patients to the hospital within a ‘golden hour’ to maximise likelihood of survival, the security industry must work towards reducing the time it takes to respond and react to a cyber threat.

 

The report uncovers that the slow detection and incident response issue is a matter of global concern. In France similarly 25% of IT professionals claimed their company took at least two weeks to discover an advanced cyber-attack on their company in 2014, while in the US the figure rose to 35%.

With the average number of investigations carried out within individual enterprises per-year standing at 78 internationally, this suggests that enterprises across the globe are leaving themselves at risk of acute company damage by failing to act fast. Of those attacks, 26% were targeted – highlighting that cyber criminals are tailoring their attacks to specific victims or focusing in on particular types of information, including confidential employee or customer data.

Feedback from UK IT professionals suggests lack of communication between the company’s security tools could be slowing down their organisation’s ability to detect and react to cyber threats – with 78% listing this as a problem. Hackers typically use a single vulnerability within an enterprise network as an opportunity to spread their attack across the organisation. As such, companies that fail to sync up their security tools could be leaving hackers with time to spread damage across the company, before they’ve even had a chance to detect the threat.

Access to analytics tools also came up as a key issue for UK enterprises, suggesting manually analysing compromised data is slowing responses in the first critical minutes of an attack. 39% claim that they are in need of better automated analytics from their security intelligence tools in order to gain real-time and comprehensive security visibility at their organisation.

Beyond lack of necessary tools, 80% of UK IT professionals believe their organisation suffers from a shortage of IT security skills amongst staff. Despite this skills shortage, less than half (40%) of UK companies surveyed said they are currently recruiting for new security talent – the lowest number globally. This compares to 78% in the US, 73% in France and 61% in Germany.

Raj Samani, commented : “It’s worrying to see that companies in the UK and globally are losing out on critical time in the initial onset of an attack – when immediate action is crucial. Hackers don’t hang around - as soon as they identify a vulnerability within a corporate network, they will be working to spread this as far as possible throughout the enterprise, wreaking havoc and compromising data along the way. “

Raj continued “Investing in training to ensure the company’s security team has the expertise to deal with a threat is crucial. Meanwhile, automating processes and ensuring security tools are synced across the network is a key way to ensure companies are able to act fast in their ‘golden hour’ of an online attack.”

We conducted a survey of our resellers and dealers our survey revealed, Nude selfies, XXX, Viagra, back door,European, women selfies, , virus, spam, sex pics, online, trojans, were the most used back door methods.,