Skip to main content

New report reveals surprising lack of cyber security preparedness

According to a new study published by the Ponemon Institute (opens in new tab) and sponsored by behavioural analytics specialist Prelert (opens in new tab), half of IT security practitioners in the US view their organisation as an unlikely target for attack.

The report also reveals a lack of cyber-preparedness with 61 per cent of respondents admitting a lack of confidence in their organisation's ability to detect advanced threats.

When asked about the type of attacks that cause the greatest concern, the most common answer is advanced persistent threats (67 per cent), followed by zero-day attacks (57 per cent) and login attacks (37 per cent).

Yet despite worrying about these threats respondents showed a lack of urgency in adopting changes to deal with them. Asked how their use of advanced threat detection technologies would change 12 months from now, 49 per cent said their usage would either not change or decrease.

"This research reveals some major disconnects that IT professionals seem to have between perception and reality. While even circumstantial evidence points to the increasing volume and severity of cyberthreats, it's shocking to learn that half of security pros don’t even view themselves as a target," says Dr Larry Ponemon, chairman and founder of the Ponemon Institute. "We're also seeing discrepancies in the way teams are viewing and reacting to advanced persistent threats. Overall, they're not confident in their ability to detect advanced threats, but they’re not doing much about it. It's clear that new solutions are needed".

Only 36 per cent of respondents say that they're using security analytics, but there's high recognition of its importance. 90 per cent believe security analytics is either essential (19 per cent), very important (45 per cent) or important (26 per cent) to their organisation's ability to maintain strong security.

The importance of machine learning is recognised by 83 per cent as part of a security policy. Spotting the difference between abnormal and normal behaviour is said by 59 per cent of respondents to be important to identifying suspicious artifacts that could verify potential intrusions. However, only 38 per cent say their IT security team can do this.

More findings are available in the full report (opens in new tab) which is available to download from the Prelert website.

Photo Credit: Jirsak (opens in new tab)/Shutterstock (opens in new tab)

Ian Barker
Ian Barker

Ian Barker worked in information technology before discovering that writing about computers was easier than fixing them. He has worked for a staff writer on a range of computer magazines including PC Extreme, was editor of PC Utilities, and has written for TechRadar, BetaNews, IT Pro Portal, and LatestGadgets.