Incident Response, TDR

Breaches driving organizational security strategy, survey indicates

Breaches are driving organizational security strategy, Adam Bosnian, executive vice president of the Americas at CyberArk, told SCMagazine.com on Monday, citing figures from the security company's eighth Annual Global Advanced Threat Landscape survey.

CyberArk interviewed 373 IT security executives and other senior management from North America, Europe and the Asia-Pacific and nearly 70 percent said that NSA leaks by Edward Snowden and the recent spike in point-of-sale breaches has had the biggest impact on their business's security strategy.

As a result, organizations are making more room in the budget for security.

“In the past, we [mostly] saw that from companies that were breached,” Bosnian said. “Now we're seeing it from companies that have not been breached, but are saying, we don't want to be that [organization].”

Breaches are often thought to be the result of attackers forcing their way in from outside the organization's perimeter, but that is not always the case. 52 percent of respondents believe an attacker is already present on their network, or has been in the past year – the idea of the insider breach.

The issue is compounded because 44 percent of respondents believe attacks reaching the privileged account takeover stage are the most difficult to detect, respond to and remediate, whereas 29 percent believe that honor goes to the malware implementation stage.

“[The privileged account] is a shared account designed to be used by the mechanics of that system so they can do work in an easy way,” Bosnian said. “It's a combination of power and anonymity. For an organization to try [to detect abuse], it needs to determine what activity in the environment is abnormal.”

The idea of third-party privileged access is also concerning – 60 percent of respondents indicated that their businesses allow vendors to access internal networks and, of those, 58 percent said they have no confidence that the vendors are securing and monitoring privileged access to their network.

So, whose responsibility is it to ensure a secure network? 

“The company can say that the vendor needs to secure access to its network, but the responsibility really falls on the company,” Bosnian said. “The company needs to make sure it is done right.”

When asked about other trends shaping security strategies, 30 percent of respondents said Bring Your Own Device (BYOD), 26 percent said cloud computing and 21 percent said regulatory compliance. Additionally, 31 percent of businesses have already deployed security analytics in some form, 23 percent are planning to do so in the next year, and 33 percent have no plans to introduce security analytics.

The survey "shows an industry that, in my mind, is moving in a healthier direction than it was three or four years ago,” Bosnian said.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.