Cybersecurity Jumps Up The Corporate Agenda

Uploaded on 2018-08-22 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

Security professionals are more worried about data breaches and cyber-attacks than they were a year ago, with most fearing that Meltdown-Spectre attacks are becoming the norm.

System compromises and ransomware are the greatest threats to organisations, with 20% listing both as their primary concern, according to Neustar’s International cyber benchmarks index report.

These are closely followed by distributed denial of service (DDoS) attacks (19%), financial theft (18%), and attacks on intellectual property (17%), the survey of security professionals across Europe, the Middle East, Africa and the US shows.

Nearly half of those polled (47%) see DDoS attacks as increasingly harmful to their organisation this year, up from 38% in 2017. On average, 40% of respondent organisations said they have been targeted by DDoS attacks.

Almost all companies surveyed (98%) have taken steps to minimise risks from attacks exploiting the Meltdown and Spectre chip vulnerabilities, with 90% of respondents saying they believe these attacks will become the norm.

Neustar’s Changing face of cyber-attacks report, which examined the effects of memcached attacks and the largest DDoS attack ever recorded at 1.7Tbps, demonstrates how the different types of threat propagating today, combined with the sheer volume of attacks, can paint a discouraging picture.

The report also underlines that today’s threats seldom occur in isolation. For example, a DDoS threat in one segment can divert attention from malware in another, while ransomware can be used to hasten data exfiltration.

According to the report, IPv6 attacks will rise as companies adopt the new standard. Neustar thwarted what is believed to be the first IPv6 attack, which presented a new direction that attackers are likely to pursue as more and more companies adopt IPv6 and run dual IPv4/IPv6 stacks, the report said.

Running IPv4 and IPv6 in parallel speeds up IPv6 network implementation, but works against consistent security, the report warns.

It adds that matters are complicated even further by the fact that many security tools still do not support IPv6 or may not be configured properly, which allows attackers to bypass firewalls and intrusion prevention systems, generating malicious IPv6 traffic that these controls do not recognise.

The growth of devices making up the Internet of Things (IoT) is paving the way for botnets, which are constantly evolving, the report said, pointing out that cyber criminals can rent or buy these botnets with ease, making these threats one of the biggest issues for enterprises today.

Rodney Joffe, Neustar senior vice-president and fellow, said the reports’ findings should come as no surprise to anyone.

“Yes, security professionals are becoming more concerned about the level of threat to their organisations, because that same level of threat is continuing to rise at an extreme rate,” he said.

“As we have seen over the past year, there are more threats to be aware of, whether in the form of DDoS, malware, application layer attacks or something else entirely, leaving professionals confused about where the next attack is coming from.

“To successfully prepare for a cyber-attack in today’s landscape is to accept that your organisation will be the next target. If you are online, you are susceptible to an attack. Whether you are most vulnerable or not is entirely up to you.”

Computer Weekly

You Might Also Read: 

Inside the Intel Chip Security Problem:

Get Serious About Hardware Cybersecurity:

 

« Phishing Tools Used To Attack The Power Grid
Blockchain In Plain English »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Chertoff Group

Chertoff Group

The Chertoff Group provide security advice and risk management services covering cyber security, insider threat, physical security and asset protection.

Council of European Professional Informatics Societies (CEPIS)

Council of European Professional Informatics Societies (CEPIS)

CEPIS is the representative body of national informatics associations throughout Europe and represent over 450,000 ICT and informatics professionals in 32 countries.

Kualitatem

Kualitatem

Kualitatem Inc. is an independent software testing and information systems auditing company

AVR International

AVR International

AVR educate, advise, analyse and provide professional, technical consultancy and support to ensure your business is safe, compliant and protected.

Cybrary

Cybrary

Cybrary is an open-source cyber security and IT learning and certification preparation platform.

Cyber Security Centre - Daffodil International University

Cyber Security Centre - Daffodil International University

Cyber Security Centre, DIU is a non-profitable organization which is focused on applied research in cyber security.

Blockchain Research Institute (BRI)

Blockchain Research Institute (BRI)

Blockchain Research Institute (BRI) is an independent, global think-tank. We bring together the world’s top global researchers to undertake ground-breaking research on blockchain technology.

Tesserent

Tesserent

Tesserent (formerly Pure Security) is a full-service cybersecurity solutions provider. We partner with clients across Australia and New Zealand in the protection of their digital assets.

Risk Ledger

Risk Ledger

Risk Ledger is improving the security of the global supply chain ecosystem, reducing the number of data breaches experienced through supply chain attacks by companies and consumers alike.

Kiberna

Kiberna

Kiberna are a small but niche company specialising in data driven security to manage your cyber risks.

CliftonLarsonAllen (CLA)

CliftonLarsonAllen (CLA)

CLA exists to create opportunities for our clients through industry-focused advisory, outsourcing, audit, tax, and consulting services.

Aptum

Aptum

Aptum is a global hybrid multi-cloud managed service provider delivering complex and high-performance cloud solutions with an integrated secure network.

AVEVA

AVEVA

AVEVA has a long history in providing Supervisory Control and Data Acquisition software for meeting complex and evolving automation requirements.

Oligo Security

Oligo Security

Oligo aims to streamline the usage of open source by making it secure and easy to protect. Through focusing developers on the relevant vulnerabilities we make the fixing process significantly shorter.

Frontal

Frontal

Frontal is a specialized unit in Blockchain and Web3.0 cybersecurity. Securing Digital Assets, Cryptocurrency, DeFi, Blockchain and Web3.0 ecosystem.

Arsen Cybersecurity

Arsen Cybersecurity

Arsen is a French cybersecurity startup, dedicated to enhancing human behaviors in cybersecurity.