Less than half of IT professionals would be completely confident being aware that a breach had even happened. This means that more could have taken place without their knowledge. This is according to the Unknown Network Survey, which was undertaken in the UK, France, Germany and the US by Balabit. What’s more, only 43% of those in the survey said they felt confident about what data was accessed during a breach, and only 39% were certain they would be able to identify the source of a breach.
Privileged users, who are granted the most access within an organisation, are vulnerable to an attack and can open the door to inside threats, leading to internal tension surrounding the development of cohesive security strategies.
The evolution of security threats
The survey suggested that this deficiency could result in over a quarter of companies being breached in the next six months. As well as this, the research shows that 73% of businesses believe that technology struggles to keep up with security threats, despite the majority of which believing it to be effective.
“Attacks are becoming more and more sophisticated and every organization is at risk,” said Csaba Krasznay, security evangelist, Balabit. “Security is no longer about simply keeping the bad guys out. Security teams must continuously monitor what their own users are doing with their access rights, as part of a comprehensive and cohesive security strategy.
“What’s really alarming, though, is that the majority of businesses know very little about the nature of the security breaches that are happening to them. Many even admit that a security breach could quite feasibly go unnoticed. That’s how loose a grip we’ve got on them, or how little we really understand them. We know about breaches, sure – but we really don’t know enough.”
Education or Investment?
What’s more, the report also confirms that senior IT professionals consider insider data breaches to be the biggest threat when it comes to network security, with 80% of which also stating that providing employees with an education into the matter would be a key method into keeping the network secure.
On the other hand, according to COO of Capgemini’s cybersecurity global service line, Mike Turner, organisations are putting all their focus on education employees, but are failing to look at other security weaknesses in the business.
“Companies are relying on user behaviour and that’s not enough – they need to fall back on a multi-layered approach that focuses on the other elements of the defence.”
Balance is Key
The research shows that in most cases, when a threat is unpredictable and already exists within a business, it is important to form comprehensive security strategies. This should maintain a balance of educating employees on the matter, as well as having the appropriate security technology. This way, organisations can feel comfortable in the knowledge that they understand their environments and are prepared to fight ever-changing security threats.
When it comes to the correct security for your business, it’s important you find the right company who can offer you what your business needs. When you attend a conference by Whitehall Media, you are in the position to meet a variety of security companies who aim to keep your business as safe as possible. To find out more about our upcoming events, check out our calendar for 2018, or get in touch with us today for more information.