We often talk about different threats as if they stand alone: insider threats, outside hackers, ransomware attacks, DDoS, and so on. But perhaps the time has come to change the dialogue a bit and admit that threats are multi-layered. Malicious actors on the outside depend on insiders to make mistakes. They aren’t working in tandem (well, not usually), but hackers are increasingly depending on insiders to provide a way inside the perimeter.
A new study from Ponemon Institute and BrandProtect looks at security beyond the traditional perimeter like firewalls and how the bad guys are focusing on channels like email, social media or mobile apps as their method of attack. Usually, this attack method lets hackers bypass those traditional perimeters, thanks to insiders, and it is causing serious problems for security professionals. As the report pointed out:
… 62 percent of respondents say external threats are more difficult to detect than internal threats within the security perimeter and 52 percent of respondents say they are more difficult to contain than internal threats within the security perimeter.
The study had four major takeaways: The majority of those surveyed said that protecting intellectual property from outside threats is important to company sustainability, but at the same time, companies don’t have security processes in place to monitor threats from social media, external attacks are frequent and expensive, and companies do not have the security tools in place to mitigate external threats. Responding to this revelation, Larry Ponemon, president of the Ponemon Research Institute, said in a formal statement:
The majority of security leaders understand that these external internet threats imperil business continuity. [However] the study highlights a gap in defenses against threats that have proven to be extremely effective for cyber criminals and costly for enterprises.
What happens when hackers take advantage of those gaps in defenses? You end up with statistics like this: 50 percent of all SMBs were the victims of a breach in the past 12 months. Another Ponemon Institute study, this time partnering with Keeper Security, also found that these breached SMBs spent nearly a million dollars in damaged assets and disrupted operations. It isn’t surprising that SMBs are falling prey to so many attacks, as eSecurity Planet pointed out:
Just 14 percent of SMBs rate their ability to mitigate cyber attacks as highly effective. The reasons for those shortcomings, according to respondents, include insufficient personnel (67 percent), insufficient budget (54 percent), insufficient enabling security technologies (44 percent), and no understanding of how to protect against cyber attacks (39 percent).
In a formal statement, I believe that Roberto Drassinower, CEO of BrandProtect, was spot on with his comments:
The majority of enterprises still have a long way to go. Despite losing millions of dollars annually to external and branded exploits, security teams are dealing with a significant readiness gap.
Sue Marquette Poremba has been writing about network security since 2008. In addition to her coverage of security issues for IT Business Edge, her security articles have been published at various sites such as Forbes, Midsize Insider and Tom's Guide. You can reach Sue via Twitter: @sueporemba