Organisations must do more protect against Advanced Evasion Techniques
Company IT security experts are failing to defend their organisations against Advanced Evasion Techniques (AET's) according to research by Vanson Bourne across 800 CIOs in the US and Europe.
AET's are commonly used by hackers and criminal gangs to circumvent and penetrate even the most secure networks.
They work by combining attack methodologies that can then dynamically change and be used to sniff and attack more widely across the network simultaneously. This approach can often disguise the threat making it appear harmless to many network security systems and this makes it harder for the security team to respond and defend against the attack.
The research report reveals that almost 40% of CIOs who have suffered a breach believed that AET's were used. Across the whole sample base the average cost of the breach to the organisation was in excess of $930,000 with the financial sector suffering losses of more than 2 million per breach.
Awareness of the threats from Advanced Evasion Techniques was cited as a critical factor as while many cyber criminals are using the technique most IT security professionals lack the detailed understanding of AET's necessary to properly address the risk. Of those surveyed nearly 40% stated that they did not have the ability to identify or track AET's in their networks.
Ashish Patel, Regional Director for Network Security for McAfee UK who commissioned the study, commented "… Hackers already know about advanced evasion techniques and using them on a daily basis". He added "the study has shown the real lack of understanding, knowledge and awareness in the community. What we're hoping to do is educate businesses so they know what to look for and understand what's needed to defend against AET's. Education is absolutely key"
Patel also raised concerns over third-party security testing where he believed that many companies were overstating their detection capabilities and were perhaps contributing to a false sense of security for customers.
To read the report please click below:
You might also like ...
This Ponemon Institute study examines the costs incurred by 36 UK companies in 11 different industry sectors after those companies experienced the loss or theft of protected personal data and then had to notify breach victims as required by law. Results were not hypothetical responses; they represent real cost estimates for activities resulting from actual data loss incidents.
The number of breached records per incident this year ranged from approximately 3,500 records to more than 78,000 records.
In this the the fifth annual benchmark study concerning the cost of data breach incidents for UK-based companies and which was supported by Symantec, the average per capita cost of a data breach has increased from £71 to £79.