Our website uses cookies

Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing Infosecurity Magazine, you agree to our use of cookies.

Okay, I understand Learn more

European Firms Have Targeted Attack ‘Blind Spot’ – Report

A worrying number of European organizations are flying blind when it comes to working out if they’ve been a victim of targeted attacks, according to new research from Trend Micro.

The security giant commissioned analyst house Quocirca to interview 600 IT decision makers across Europe about their attitudes to advanced attacks.

It found that of the 251 organizations that had been successfully targeted, 31 claimed they were not aware if any data had been stolen, while a further six knew they had been attacked but not how much data had been stolen.

This lack of visibility is surprising considering that awareness about advanced attacks like this is rising.

The percentage of European firms labelled “complacent” about breaches has dropped from 26% in 2013 to just 6% this year.

Around a quarter feel targeted attacks are inevitable, a similar number think they are a growing concern and 44% that they are a long-term concern, the research revealed.

UK firms came out comparatively well in terms of the volume successfully hit by targeted attacks, although six British organizations made it onto the top 40 worst reported attacks—including the number one and two spots.

These incidents apparently involved costs of more than €1 million, and serious data loss and reputational damage. Worryingly, all six UK organizations in the top 40 had either specialist IT security teams, operations centers and/or managed security service providers in place, Trend Micro claimed.

Trend Micro cybersecurity consultant, Bharat Mistry, argued that many companies don’t have the right people, processes or technology to understand if they’ve been hit or not.

“Also a mind shift change is required—at the moment, most companies are focused on ‘prevention’ which is inherently based on known signature-based technology solutions,” he told Infosecurity.

“With the evolution of the threat landscape—where we are seeing more and more use of zero-days and advanced malware—the focus needs to move from prevention to detection, in other words the ability to see non-standard behavior and act on it.”

Photo © 360b/Shutterstock.com

What’s Hot on Infosecurity Magazine?