It would appear that UK companies are having a crisis of confidence. Nearly two-thirds (64%) of UK IT decision-makers said they expect their organization to be the target of a cyber-attack within the next 12 months, and are uncertain about their ability to detect it. In fact, almost half of those surveyed (49%) said they did not even know if they had been compromised already.
According to a survey from Bit9 + Carbon Black shared with Infosecurity, nearly one in three (32%) of those surveyed confirm their business was hit by a cyber-attack during the past year, but confirmed there to be blind spots on enterprise endpoints. A full 61% of respondents rated their ability to detect suspicious behavior in advance of an attack as no better than average.
End-user machines, i.e., laptops and desktops, were cited as being most vulnerable to cyber-attack (41%), demonstrating the need for organizations to ensure they can continuously monitor and record activity across all endpoints. Shockingly, two-thirds (74%) of respondents still had systems running on Windows XP, even though the OS has now reached end of life. And only 29% of that group had plans to put a new OS in place.
The visibility gets worse when it comes to that most high-profile of recent targets: retail and other companies that use In organizations that use point-of-sale (PoS) systems to process credit card payments. A staggering 70% admitted they had no way of knowing if their systems had been targeted. And only 20% were able to say with confidence that their PoS systems had not been. Among PoS users, only half (52%) were confident or very confident that their current security solution would be able to stop advanced threats or targeted attacks against their systems.
“Visibility is critical for effective security, yet these results show that far too many organizations don’t know what’s happening on their endpoints,” said Ben Johnson, chief evangelist for Bit9 + Carbon Black, in a statement. “You can’t stop advanced threats and targeted attacks if you can’t see what’s happening. Prevention, detection and response are built on the ability to see all activity on every endpoint and server.”
All of this is not to say that IT staff isn’t worried. When asked about the impact of an attack on their organisation, respondents worried most about system downtime (77%), data compromise/loss (68%) and damage to their corporate brand (52%). 50% admitted that a cyber-attack would impact them financially.
Looking at the source of possible cyber-attacks, 61% of respondents cited disgruntled employees as being one of the top three most likely attackers, exceeded only by Anonymous or other hacktivists (86%) and cybercriminals (77%). These figures reflect the need to actively enforce security policies for internal staff and systems in addition to securing systems – and the important data on them – against outsider attacks.