And many predict a major cyber attack against the U.S. in the next two years.
Money can get you a lot of things. A new car, a new house, and even more money if you use it right. One thing it can’t get you: complete cybersecurity.
Three-quarters of security professionals don’t believe that buying all available security tools would fully protect their organizations, according to a survey from Tripwire, a security software company. On top of that, nearly half say the security tools they did buy failed to protect them.
“New tools and technologies enter the information security market all the time, but it’s clear that many of them simply don’t meet the needs of the market,” says Tim Erlin, VP of product management and strategy at Tripwire. “Focusing on the basics that have been demonstrated to work may not make headlines, but it does make sense.”
But you can find power in numbers right? Not in this case. The more employees a company had, the less faith they had in the cybersecurity tools used to protect them.
In businesses with 1000 employees or less, only 32 percent would feel fully protected if they invested in all available security tools. Less than half — 19 percent — felt the same in a company with between 1000 and 5000 employees. Even less — 15 percent would feel protected in a company with more than 5000 employees.
Big cyber attacks are imminent
As if that wasn’t tough enough news to swallow, most information security professionals predict a cyber attack on the U.S.’s critical infrastructure in the next two years, according to research from the information security research firm, Black Hat.
The current presidential administration doesn’t help ease their concerns. Only 26 percent of the 600 security professionals surveyed feel confident that the U.S. government and defense forces are equipped and trained to respond appropriately to an attack. Close to half — 47 percent — say the Trump administration will have a negative impact on cyber defense, with 26 percent of people confident he will have a positive change.
So what is eroding that confidence? Nearly 70 percent of respondents say the increase in state-sponsored cyber attacks such as those during the U.S. elections or corporate attacks like WannaCry, where hackers held close to 300,000 people’s private information ransom, have made U.S. data seem less secure.
There’s no real hope in sight either as close to 70 percent of people of security professionals say they don’t have enough staff to protect against major security breaches and nearly 60 percent say they don’t have the budget to fight off attacks.
Keep security simple?
Recent security breaches such as WannaCry have been attributed to organizations using old, outdated and unpatched systems, rather than a lack of appropriate defensive tools, Erlin says.
He adds that some of these attacks may have been prevented had organizations kept on top of their fundamental security systems.
“Very often, the biggest bang for the security buck is making sure foundational security controls are in place. The fundamentals of finding and patching vulnerabilities, making sure systems are securely configured and monitoring your systems for change go a long way in maintaining a strong security posture.”
Meet the Author
Article last modified on August 30, 2017. Published by Debt.com, LLC . Mobile users may also access the AMP Version: Most Security Professionals Don’t Trust Cybersecurity Tools - AMP.