This website uses cookies primarily for visitor analytics. Certain pages will ask you to fill in contact details to receive additional information. On these pages you have the option of having the site log your details for future visits. Indicating you want the site to remember your details will place a cookie on your device. To view our full cookie policy, please click here. You can also view it at any time by going to our Contact Us page.

Survey: 66% large firms unaware of recent security incidents

13 June 2013

A recent survey conducted by Lancope, a network visibility and security intelligence, revealed over two thirds (66%) of large organisations said they had not experienced a security incident in the past 12-18 months or were unsure if they had

Commenting on this finding, Tom Cross, Lancope’s director of security research, says that it’s very unlikely that none of these organisations experienced incidents during that time frame: “Any system you connect to the Internet is going to be targeted by attackers very quickly thereafter. I would assert that if you’re unsure whether or not your organisation has had a security incident, the chances are very high that the answer is yes – and this is a significant problem.”

With the constant barrage of external scanning, phishing attacks and malware being served up by websites, not to mention sophisticated, targeted attacks and insider threats, large companies face a constant security challenge. “Any organisation needs to know whether or not they’ve been subject to a security breach, and if companies believe they have not, the question may be are they really aware of everything that is happening on their networks?” Cross adds.

The respondents to Lancope’s survey indicated that the most common incidents they were aware of were malware (18%) and DDoS (16%), with insider attacks coming in at 12%. “DDoS will break your infrastructure, which hopefully an organisation would know about pretty quickly.

Similarly, malware is relatively easy to detect as your antivirus software will often find it on your network. Insider attacks are much less common in terms of total incident count compared to those launched by outsiders, but, on rare occasions, they can result in millions of dollars in losses.” Cross explains.

While 25% of respondents said that reputational damage was the worst impact that a security incident had on their organisation, 21% said they had suffered a financial loss and 13% had lost intellectual property. Interestingly, 38% of people said that they had seen no impact at all. Any security incident has some sort of impact on a company, be it having to clean up an infection or address whatever security issues led to it in the first place. Cost will hopefully be contained if an organisation has a good incident management program in place and can quickly identify which systems have been compromised. The average cost to a large organisation for its worst security breach in 2013 was £450,000 to £850,000.

With businesses constantly being pressured into allowing new technology within their enterprise, as well as enabling it to be functional and somehow fit it into the mould of existing infrastructure, it’s unsurprising that over 50% of companies felt that mobile devices/BYOD were the greatest security risk to their company. There’s a real need to be able to monitor these devices properly, understand their behaviour and detect if they have been infected. However it is hard to install software on end points and enforce policy.

One way to address this problem is to look at it these devices from the network side. With better visibility into activity on the internal network, it is possible to identify infected devices, understand what they are doing in the environment and obtain an audit trail of network and host activity without having to install software agents on the devices themselves.

At 32%, the risk of insider threats is also a worry to large organisations, as is a lack of network visibility (28%). Most organisations have strong perimeter defences, designed to protect their networks against external attackers, but insufficient information to see what is happening within their network.

By collecting audit trails of activity occurring within the internal network, organisations can gain a sense of control as to what is happening within their environment, enabling them to investigate potential insider incidents and be confident that they have effectively mitigated any risk. Other risks organisations were worried about were APTs (18%) and poor change management or operational controls (21%).

Print this page | E-mail this page


View more articles
Article image

Why the Law Says You Need a Nappy Bin Disposal Service

At home, parents are used to disposing of their babies’ used nappies the same way they do any other domestic waste - bagging it up and sticking it in the r...

Benchmarking maintenance

BSRIA has just published this year's operation and maintenance benchmarking report as a guide for building operators to evaluate their performance against ...
Article image

£500m heating and renewables framework launched

Details of a nationwide framework for the supply of heating and renewable energy solutions for the public sector have been published, worth up to £500m ove...
Article image

Keeping your premises secure throughout the darker months

As the darker months close in, it can be a more active time for criminals to attempt a break in or burgle, with research finding that burglaries spiked by...
Article image

Climate change concerns and zero carbon driving energy management focus

With increasing calls for action to address climate change issues and a growing number of organisations aiming for carbon-neutral status, there is growing ...
Article image

SMS continues to invest in business and extend its capabilities

Southern Maintenance Solutions (UK) Ltd has launched SMS Renewables. The new division will focus on delivering affordable, renewable energy solutions that ...