The survey, which gathered the opinions of CISOs from 120 companies, found that many of them were still relying on firewall technology to protect their organisations, rather than focusing on more pervasive techniques to spot security threats.
"Defense in depth has been oriented around the notion that there's a perimeter based on network problems.The adversary says 'the heck with your perimeter. I have someone sitting inside your network, or I have someone sitting outside your network using application layer attacks to get at you,'. " said Eddie Schwartz, chief security officer at Netwitness.
Unsurprisingly, 97% of organisations were either concerned very concerned about data breaches. However, Schwartz was concerned by the preoccupation in the survey base with insider threats.
80% of respondents considered insiders to be the greatest source of threats to their data. Only 11% saw cyber criminals as the greatest threat.
"You couldn't come up with a more predictable statistic," he said. "It couldn't be more false, in the sense that statistics have shown most of the data losses are due to external attacks at the application layer, or collaborations where blended or co-ordinated attacks occur. Then, the perimeter is no longer an issue," Perccoco said.