Maksim Kabakou - Fotolia
Human error, lack of staff and a flood of security alerts are the chief reasons cyber attackers are managing to breach organisations, according to information security professionals.
Nearly 55% of more than 130 attendees of the 2017 Black Hat security conference in Las Vegas admitted their organisations had been hit by cyber attacks.
The poll reveals the majority of organisations are unable to prevent cyber attacks and that ransomware represents a significant proportion of attacks.
However, two-thirds of those hit by ransomware refused to pay the attackers behind the malware, showing most of those polled are heeding recommendations not to pay.
Law enforcement and cyber security advisors have repeatedly urged organisations not to give in to ransomware demands to discourage cyber attackers from using this method of making money.
The survey revealed 84% of respondents whose company has suffered a cyber attack attribute it, at least in part, to human error.
Read more about information security skills
- An anti-millennial recruitment stance will widen the cyber security skills gap, experts warn.
- Companies struggling to fill infosec roles should focus on finding people who can do what they need, not qualifications, according to a security industry panel.
- Information security professionals need to grow their skills, engage with the business, increase security awareness, set business goals and tailor their messages, says a panel of experts.
- The information security profession has reached an inflection point and is poised for growth, according to Adrian Davis, managing director for Europe, Middle East and Africa at (ISC)2.
While this finding underlines the importance of user education and training, the respondents said human error is exacerbated by understaffed security teams and a flood of alerts and false positives.
This highlights the negative impact of companies struggling to recruit cyber security teams in the face of a worldwide shortage of people with information security skills and the need for greater staff support.
This shortage of cyber defenders with the right skills is further underlined by the fact 43% of respondents said technology detected the attack, but the security team took no action, while another 41% said a combination of technology and human error was to blame.
Respondents also blamed a lack of information resources to understand and mitigate attacks, with 42% saying they are left to figure them out themselves. As a result, 52% said they seek online information from security experts and suppliers, while another 19% said they rely on peers.
The survey also revealed only 28% of respondents follow best practices by erasing and rebuilding a computer’s software after a potential malware attack. Instead, they either manually erase (46%) or rely on AV tools to identify and clean the malware (24%), often resulting in it staying in place on the infected machine to continue its attack.
“The threat of a cyber attack is something that organisations have to deal with on a daily basis,” said Christopher Kruegel, CEO of Lastline.
“This survey highlights the need to adopt best practices and equip security teams with better tools to eliminate false positives and provide crucial information to help them prioritise and address those events that present the highest potential risk,” he said.