Study: Advanced threats a growing problem for security
- — 01 July, 2010 03:14
Most organizations have been the target of an advanced threat, according to results of a study released this week by Ponemon Institute and sponsored by NetWitness.
The research includes the responses of 591 IT and IT security practitioners and found 83 percent believe their organization has been the target of an advanced threat, with 71 percent reporting an increase in advanced threats over the past 12 months. The majority of those polled, 70 percent, said that advanced threats suggest a new, more dangerous threat landscape.
Also see: CISOs keep breach costs lower
The study authors note that while the definition of what constitutes an advanced threat still varies within the industry, for purposes of their research, it is as a methodology employed to evade an organizations present technical and process countermeasures which relies on a variety of attack techniques as opposed to one specific type.
"The predominant majority of the threats are represented by unknown, zero-day attacks, but there are increasingly many instances where known attacks are being re-engineered and repackaged to extend their usefulness," the study authors said in a summary of the findings.
The majority of respondents said advanced exploits and malware have successfully evaded their anti-virus (AV) and intrusion detection system technologies. In addition to the difficulty in preventing advanced threats, 46 percent said it takes one month or longer to detect an advanced threat in their organization. The target of at least half of the attacks seen by respondents was sensitive proprietary data such as source code, non-financial business confidential information and financial information. Another 48 percent believe the targets were PII including customer or consumer information and employee records.
"Policies and procedures exist but support from personnel and technology seems to be inadequate to address the problem," said Ponemon officials in the summary. "More than half, 58 percent, of respondents believe they have the procedures and policies in place to defend against advanced threats. However, only about one-third report that their security-enabling technologies are adequate and only 26 percent report security personnel are adequate to deal with advanced threats. "