cyber trends
on high profile targets. While it is true
that nation states may have created
the blueprints for these attacks, once
these techniques are publicised, other
cybercriminals often adopt them for their
ingenuity and high success rate,” said
Wisniewski. “Supply chain attacks are
also an effective way for cybercriminals
to carry out automated, active attacks,
where they select a victim from a larger
pool of prospects and then actively hack
into that specific organisation using
hand-to-keyboard techniques and lateral
movements to evade detection and reach
their destination.” Having current technology in place is
another problem, with 75% agreeing that
staying up to date with cybersecurity
technology is a challenge for their
organisation. This lack of security
expertise, budget and up to date
technology indicates IT managers are
struggling to respond to cyberattacks
instead of proactively planning and
handling what’s coming next.
Lack of security expertise, budget
and up to date technology IT managers
should prioritise
supply chain as a
security risk, but
don’t because they
consider these
attacks perpetrated
by nation states on
high profile targets.
According to the Sophos survey, IT
managers reported that 26% of their
team’s time is spent managing security,
on average. Yet, 86% agree security
expertise could be improved and 80%
want a stronger team in place to detect,
investigate and respond to security
incidents. Recruiting talent is also an
issue, with 79% saying that recruiting
people with the cybersecurity skills they
need is challenge.
Regarding budget, 66% said their
organisation’s cybersecurity budget
(including people and technology) is
below what it needs to be.
“Staying on top of where threats are
coming from takes dedicated expertise
but IT managers often have a hard time
finding the right talent or don’t have a
proper security system in place
that allows them to respond
quickly and efficiently to
attacks,” said Wisniewski.
“If organisations can
adopt a security system
with products that work
together to share intelligence
and automatically react to
threats, then IT security teams
can avoid the trap of perpetually
catching up after yesterday’s attack
and better defend against what’s going
to happen tomorrow.
“Having a security ‘system’ in place
helps alleviate the security skills gap
IT managers are facing. It’s much more
time and cost effective for businesses to
grow their security maturity with simple
to use tools that coordinate with each
other across an entire estate.”
Synchronised security
solves the impossible puzzle
of cybersecurity
With cyberthreats coming from supply
chain attacks, phishing emails, software
exploits, vulnerabilities, insecure
wireless networks and much more,
businesses need a security solution that
helps them eliminate gaps and better
identify previously unseen threats.
Sophos Synchronised Security, a
single integrated system, provides this
much needed visibility to threats by
integrating Sophos endpoint, network,
mobile, Wi-Fi, and encryption products
to share information in real-time and
automatically respond to incidents.
The Impossible Puzzle of Cybersecurity
survey was conducted by Vanson
Bourne, an independent specialist in
market research, in December 2018 and
January 2019.
This survey interviewed 3,100 IT
decision makers in 12 countries and
across six continents in the US, Canada,
Mexico, Colombia, Brazil, UK, France,
Germany, Australia, Japan, India and
South Africa. All respondents were from
organisations with between 100 and
5,000 employees. u
www.intelligentciso.com
|
Issue 16
21