IFSEC Global

Author Bio ▼

IFSEC Global is the online community for the Security and Fire industry. Our market-leading live events span the globe, connecting buyers and sellers.
November 13, 2019

Sign up to free email newsletters

Download

Want a Future-Proof Cyber Security Strategy? Look at Physical Security Now

Alsid reveals that 36% of organisations are more vulnerable to security threats than five years ago

According to research commissioned by Alsid, a cybersecurity software provider, 36% of IT professionals say their organisations are more vulnerable to security threats than they were five years ago.

security threat

506 IT professionals working at companies with 50 or more employees took part in the research. The results shine a spotlight on the current state of IT security and attitudes among security and IT professionals.

The findings revealed disadvantages and advantages. But while there are some seeming bright spots for IT pros in the results, some of the data may show a perception/reality gap in the minds of IT and security professionals.

For example, a combined 72% of respondents feel “fairly well” (44%) or “very well” (27%) prepared against enterprise-grade ransomware attacks.

Jérôme Robert, CMO of Alsid, said: “This confidence is nice to see, but unfortunately the everyday reality suggests a different story. I get the sense that if you asked all the companies which have recently been hit by ransomware if they were well prepared before those attacks, they would probably have said yes. So that confidence didn’t help them, in fact it probably hurt them because maybe they weren’t asking the questions they could have been.”

Changing IT/security roles

When questioned about their own roles:

  • 42% feel that their job has become more complicated in the last two years.
  • 15% feel more empowered to make decisions today compared to the past.
  • 16% admitted that keeping track of new updates and techniques to help prevent cyber threats has become more difficult.

Turning the focus to their organisations, when asked about preparedness for certain types of attacks a combined 29% admitted to being “not very well” (22%) or “not at all well” (7%) prepared for insider threats – an attack perpetrated by someone within the organisation.

This makes insider threats the highest-ranking threat in the category. In second place, 18% said their employer was “not very well” (13%) or “not at all well” (5%) prepared for an attempted “targeted data theft.” 14% of respondents said they were not prepared for DDoS attacks, and attacks which exploit suppliers’ (third-party) access ranked fourth with 13% stating a lack of preparedness.

Securing the Active Directory

Ransomware attacks are just one of the many types of attacks which rely on compromising the Active Directory, which is sometimes forgotten as an element of an organisation’s IT security. Of organisations which have an Active Directory, the survey data shows that responsibility for Active Directory security is split between functions, with 27% of those IT professionals reporting that responsibility lies with the IT team, and 19% stating that the security team holds responsibility for Active Directory security. 16% of respondents said that their organisation employs an Active Directory security specialist.

But 24% said that they don’t know who is responsible for Active Directory security within their organisation – showing that sometimes this important function can fall through the cracks between the IT and security teams.

Furthermore, just one in five (21%) IT professionals said they have followed security best practice by testing a complete Active Directory restoration successfully more than once, and then incorporating the findings into their cyber security policy.

16% of respondents whose organisations have an Active Directory stated that Active Directory security is not treated as a priority in their organisation, whereas 31% replied that AD security is a priority, but not a top priority. 26% said that Active Directory security is treated as one of the top priorities by their employer.

Jérôme continues:

“The enhanced profile of cyber threats and attacks is driving changes at the heart of IT and security functions within businesses, and I don’t think anyone can say now that security isn’t taken seriously at a senior level within companies.

So the good news is that we’ve come a long way already, but you only need to look at the news to see that there are still gaps in security which lead to things like massively expensive ransomware incidents”.

“As a central part of all enterprise information systems, the Active Directory is now the primary target for large-scale attacks – particularly in medium and large enterprises,” adds Robert. “It’s positive to see that the perceived importance of AD security is now growing after years where it was left out in the cold and pretty much ignored.

This led to it being seen as a soft target for cybercriminals, which is where we are today. So in a weird way, the popularity of the Active Directory as an attack vector is driving knowledge and awareness and forcing companies to act. Companies are also finding that AD protection is a valuable investment because of its broad applicability right across the kill chain, and its ability to disrupt many different types of attacks.”

Other statistics from the research include:

  • 81% of respondents stated that preventing hackers from accessing the first computer within an organisation’s network is “very important”, with 15% agreeing it was “fairly important”
  • 80% agreed that responding quickly after the attack succeeded in gaining entry was “very important”, and 16% said it was “fairly important”
  • For companies with an Active Directory, when asked how often it was subjected to penetration testing, 13% of IT pros said less than once every two years, 19% said more than once per year, and 21% said pen-testing the AD happened once each year.

Alsid’s solution strengthens companies’ infrastructure and detects attacks in real-time, preventing them from spreading across a network. Recent major cyberattacks either known or thought to have proliferated via the Active Directory include the Demant breach in Denmark, some 621 US public sector bodies, and over 50 US cities so far in 2019.

Alsid recently closed a $13m funding round, a record sum for a cybersecurity Series A round. The company will use the funds in part to accelerate Alsid’s expansion in Europe, Asia, and the US, and to build on its revenue growth of over 500% throughout 2018.

Free Download: Cybersecurity and physical security systems: how to implement best practices

Discover the five-step process for strengthening your cyber and physical security systems with this free resource from Vanderbilt. Learn how to choose the right equipment to stay diligent and protect your systems against cyberattack, and learn what cyberattacks mean in an interconnected world.

Related Topics

Leave a Reply

avatar
  Subscribe  
Notify of