ISACA: End Users Wrongly Fighting APTs With AV

  • Tweet  
  • LinkedIn  
  • Facebook  
  • Google plus  
  • Send to Kindle
  • Send to  

More than one in five firms have been stung by an APT attack, according to research from the global body.

Editor’s note:  As part of our special editorial partnership, Channelnomics is publishing this recent article from CRN in the UK.
End users are leaning too heavily on traditional security technologies such as firewalls and antivirus software to stave off the growing threat posed by advance persistent threats (APTs).That is the conclusion of IT association ISACA, whose research of 1,500 global IT security professionals suggests more than one in five enterprises have been stung by an APT attack.Known for their sophisticated, stealthy and unrelenting nature, APTs are used by cybercriminals to steal intellectual property. Recent attacks such as Google Aurora and the RSA breach show the method poses a major threat to companies in all industries, not just government, ISACA says.

Some 60 percent of those polled in Q4 by ISACA say they thought it would only be a matter of time before their firm was targeted. And some 94 percent thought APTs represent a credible threat to national security and economic stability.

Related articles

But despite this, most enterprises are employing ineffective technologies to protect themselves against APTs, ISACA says. Some 95 percent are fending off the threat with antivirus and antimalware, with 93 percent attempting to stop APTs using network perimeter technologies such as firewall. ISACA says this is "concerning," given that APTs are known to have evaded such controls.

In contrast, mobile security controls -- which ISACA said can be quite effective -- are used much less frequently.

"While these controls [AV and firewalls] are proficient for defending against traditional attacks, they are probably not as suited for preventing APTs," the report states. "This is true for a number of reasons: APTs exploit zero-day threats, which are often unknown vulnerabilities, and many APTs enter the enterprise through well-designed spear phishing attacks. This indicates that additional controls -- such as network segregation -- and perhaps an increased focus on e-mail security and user education could be beneficial."

ISACA says the survey suggests there's still a gap in the understanding of what APTs are and how to defend against them.

Although 68 percent of respondents say they are familiar with APTs, 53 percent labor under the misconception that APTs are similar to traditional threats.

For more UK channel coverage from CRN, visit www.channelweb.co.uk

 

  • Tweet  
  • LinkedIn  
  • Facebook  
  • Google plus  
  • Send to Kindle
  • Send to  
More on Business Intelligence
IBM Watson supercomputer

IBM Makes Watson More Accessible, Productive

IBM is making its Watson cognitive computing platform more available to businesses of all sizes, with the intent of helping more companies tap the power of natural-language and predictive analytics. The program complements ongoing efforts to develop a Watson channel.

cyber-security

Security Services To Soar Thanks To Internet Of Things

Gartner predicts there will be 26 billion connected "things" by 2020 - many of which will need securing in a corporate setting

Man spending cash

Business Analytics Spending Forecasted To Soar, Says IDC

Business analytics spending will rise by 14.7 percent according to IDC

nest-egg-money-incubator-accelerator

Report: Late Supplier Payment Becoming The Norm

More than half of global businesses admit to delaying supplier payments according to new study

Visitor comments
Add comments
blog comments powered by Disqus
In-depth
Welcome sign in Las Vegas

Love me vendor, love me true

Vendors put on a series of presentations, roundtables and discussions about their offerings at the Ingram Micro ONE event in Las Vegas last week, with appearances from Microsoft, Lenovo and Acer to name a few. Ingram also made a number of announcements itself at its inaugural Ingram Micro ONE fall event. Jessica Meek reports

geyser-emitting-steam

Palo Alto Networks’ Traps shows volatility in endpoint protection

Palo Alto ventures away from its sweet spot in enterprise security with the launch of Traps, a complementary technology that safeguards endpoints from malware. The new product shows how endpoint security is shifting from traditional antivirus technologies.

May Mitchell president of marketing North America at Symantec

Vendor Q&A Series: May Mitchell, Symantec

The latest vendor exec. to sit in the Channelnomics hot seat is Symantec's marketing vice president for North America

james-perry

Vendor Q&A Series: James Perry, Bloxx

The latest vendor to brave the Channelnomics Q&A is Bloxx' U.S. channel manager James Perry