Simply Security - News, Views, and Opinions from Trend Micro

Posted on July 2nd, 2012 in Current News by Simply Security | Be the first to comment | Tags: cybercrime, web threats

In the age of APTs, companies often have false sense of data security.

As the digital threat landscape continues to evolve, advanced persistent threats (APTs) are becoming more of a concern among decision-makers and IT departments. APTs are attacks that utilize sophisticated methods to bypass security software and systems and launch potentially devastating attacks that can cripple, corrupt or steal data, all the while remaining undetected for long periods of time. According to a new study by Wave Systems, some enterprises feel confident in their ability to defend against these cyberattacks, though this courage often comes from a false sense of security.

The study polled more than 250 IT security decision-makers, managers, professionals and analysts in the U.K. and found that there is a general lack of preparedness when it comes to preventing APTs from accessing the corporate network. Wave Systems found that 43 percent of survey respondents feel they don’t have an effective detection system or strong enough data security tools that will alert IT staff of the presence of these threats.

According to a blog post by Gartner research director Lawrence Pingree, businesses need to develop detailed programs if they wish to counteract APTs. These policies need to include continuously improving monitoring controls that enable decision-makers and IT departments to address hidden threats.

The Wave Systems study revealed that nearly three-quarters of companies in the U.K. believe they have a robust security system that can deter APTs. However, 16 percent of respondents said they did not have data protection tools in place that will prevent data loss from occurring through the use of removable media.

Cloud computing and the consumerization of IT also introduce new vulnerabilities that many IT professionals said they were unable to defend. According to the study, 35 percent of respondents said they had no effective tools capable of managing a variety of cloud-based services. Meanwhile, 30 percent of U.K. IT decision-makers said they did not have a unified system that could authenticate and manage all tablets, smartphones and laptops accessing the corporate network.

Many companies were even unsure of some of the new upcoming European Union compliance standards that will require them to guard against APTs through complex encryption.

“Our survey focused on new network security threats, regulatory compliance and the challenges presented by multiple devices and the cloud,” said Joseph Souren of Wave Systems. “It indicates that there are definite gaps for many firms in both understanding of the growing cyberthreats and new strategies that enterprises must implement to be fully compliant with EU regulations.”

As the threat landscape continues to become more menacing, organizations need to improve their data protection capabilities, especially in the presence of APTs.

Data Security News from SimplySecurity.com by Trend Micro