Security teams should focus on attacks 'that matter'

A new survey by Countercept by MWR InfoSecurity highlights the frustrations IT security experts experience as they try their best to protect their company's assets and employees.

The survey, conducted during Infosecurity Europe, asked 301 IT security professionals about their company's ability to detect and deter cyber-attacks.

A third don’t believe they have the skills, manpower or technology to detect attacks ‘that matter’. The report doesn’t say which types of attacks matter and which do not, although it groups them all under those that ‘do damage’.

It did say, however, that an expanded threat landscape, with laptops, tablets, smartphones, wearables and the like, is putting a lot of strain on security experts.

Almost two thirds (62 per cent) said they can’t defend ‘everything, all of the time’. Just above half (51 per cent) said employees are to blame, 50 per cent blamed the speed of change, and 46 per cent blamed the lack of resources.

“Many security solutions focus wholly on cyber-attack prevention, but determined attackers will always find a workaround. That’s why prevention alone is not enough, and perhaps why the people spoken with during this study felt ill prepared,” suggests Peter Cohen, Strategic Director of Countercept.

“The reality is that the odds are very much stacked in the hackers’ favour, with organisations playing catch up as they try to anticipate an attacker’s next move, trying to stay one step ahead instead of always constantly behind. But it’s not easy.”

Cohen says the biggest problem is that companies are trying to ‘prevent everything’ instead of focusing on identifying damage-causing attacks.

“This is built on three key sources of data: log files, network traffic and the endpoint systems themselves,” he says.

“Visibility of all three is an absolute must to reverse the tables and identify the attacks that matter.”
