It’s not uncommon that vendors want to understand the experiences and opinions of security experts who are in the trenches, which is why Black Hat is often an opportune time to conduct surveys. Since this year's conference, AlienVault has analyzed the data of a survey it administered and today released its newest report, Extortion, the Cloud, and the Geopolitical Landscape.
The survey asked a wide range of questions to almost 1,000 security professionals to gauge their perspectives on topics including the public infrastructure being prepared to protect itself against cyber-threats, best reactions to cyber-threats of extortion and the security concerns hampering cloud adoption.
Of all the survey participants, 54% believe the public sector infrastructure in the US is either unprepared or very unprepared to defend against cyber-attacks, with 20% saying the US is currently "very unprepared."
Survey questions looked specifically at preparedness for attacks on reputation and brand. “While reputational damage has always been well-understood, it’s the more recent rise of social media, and the speed at which news travels, that has made it more of a risk. The takeover of corporate social media accounts by attackers, or disgruntled (or recently fired) employees is perhaps the most visible and commonly-seen example of a reputational attack on a company,” the report said.
Interestingly, 36% of security professionals feel that the potential of nation-state cyber-threats has had a positive impact on security practices in their organization. Still, 25% of businesses said that if there were any type of blackmailing attack, their organization would not know whether data had in fact been exfiltrated. If there were an instance of extortion, though, 38% of survey respondents believe negotiating the demands would be the responsibility of the CISO.
Because of their security concerns, 44%, of businesses reported that they are actively considering moving certain operations, apps, or data back to on-premises from the cloud, with 46% citing security as the biggest blocker to cloud adoption.
A majority (64%) of respondents believe that the security community is becoming more collaborative when it comes to sharing intelligence information. “When discussing attacks, it’s important to also bear in mind the collaborative nature of attacks and how defense also relies on collaborative measures. It was reassuring to see the vast majority of participants stated that they believe security professionals are becoming more collaborative in their efforts to secure enterprises,” the report said.