UK firms see competitors as greater cyber attack risk than criminals

More than half of UK companies expect a cyber attack in the next six months, but see competitors as a greater risk than criminals, a survey shows.

The greatest risk of attack is from hacktivists, according to 59% of UK IT managers polled on behalf of security company Bit9.

Competitors were ranked next (35%), followed by disgruntled employees (31%) and cyber criminals (23%).

Of over 1,000 IT managers polled in the UK, France, Germany and Spain, 58% felt there were more hackers, organised crime groups and nation state attacks than before.

Company file servers and databases are seen as the most vulnerable to attack (34%), but only 31% of respondents were confident these assets were protected by their current security measures.

Personal customer information was ranked as the most at risk (60%), followed by customer financial information (50%). But 29% said intellectual property, such as designs and patents, was a top priority.

Malware, such as Trojans, rootkits and viruses, was ranked as the attack method European IT managers were the most worried about (36%).

Drive-by downloads and malicious websites was ranked second (16%), followed by spear-phishing (15%), malicious memory sticks and devices (15%) and distributed denial-of-service attacks (14%).

The survey revealed most IT and security professionals in Europe take their responsibility for reporting breaches seriously, with 88% agreeing that breaches should be disclosed.

Almost two thirds said additional information should be provided, such as what was compromised and even how the breach occurred (25%). Only 12% felt that nothing should be disclosed.

Most European respondents felt the security industry would have a bigger impact on improving cyber security through technology (46%) than governments through law enforcement (13%).

Only 8% felt individuals would have the biggest impact, while 34% said companies would have the greatest impact through best practices.

 "At a time when it's easier to steal rather than create information from scratch, it's imperative that organisations have systems in place to detect and protect against the rise in targeted attacks," said Patrick Morley, president and chief executive of Bit9.

However, in the past year, there has been a growing awareness in Europe that the traditional approach of anti-virus, firewall and behavioural analysis is not enough, Morley told Computer Weekly.

Less than a third of those polled believed current security protections were adequate, he said.

According to Morley, the rapid pace of malware development has rendered traditional anti-virus ineffective. At best, anti-virus systems can detect 25% to 35% of threats.

The way forward, he said, is a trust-based security model, where only trusted applications and processes are allowed to execute on IT systems.

Organisations in North America are adopting the trust-based model on the face of increased attacks by nation states, hacktivists and organised crime, said Moreley.

This approach, he said, stopped the malicious e-mail attack at a Bit9 customer site nine days before the same technique was used to breach the IT systems at RSA, the security division of EMC.

An essential element of the trust-based approach, said Morley, is a dynamic analysis capability linked to a continually updated repository of data to enable systems to understand if changes, such as patches, are trusted changes or not.

"Static white lists do not work because they cannot deal with legitimate security updates to the IT environment," Morley said.

Continually scanning corporate networks and evaluating applications and processes in real time is the best way to protect against emerging threats, Morley said.