71 percent of IT professionals can successfully hack any organisation

Survey shows IT professionals believe they can successfully infiltrate any organisation using one of four key attack vectors.

  • 5 years ago Posted in
Outpost24, an innovator in identifying and managing cyber-security exposure, has published the results of a survey of 155 IT professionals, which revealed that 71 percent believe they can successfully hack any organisation using one of four common attack vectors, with social engineering being the most popular choice.

 

The survey, which was carried out at the RSA Conference in April 2018, asked respondents about the techniques they would use to hack an organisation and 34 percent revealed that would use social engineering, 23 percent said they would enter via insecure web applications, 21 percent said via mobile devices while a further 21 percent said they would enter via a public cloud. Survey respondents were also extremely confident in their attack vectors, with 71 percent saying they would be successful.

 

Commenting on the survey, Bob Egner, VP of Product at Outpost24, said: “Our study shows how confident IT professionals are that most of today’s organisations are not as secure as they might believe, and will be easy to attack. Hackers understand there are key areas of technology which organisations will often overlook in terms of cyber-security and they will target these weaknesses first. A comprehensive security posture covers the full stack - network infrastructure, cloud environments, applications, mobile devices and even people. The study also demonstrates that once again people are viewed as the weakest link, so it is important that security teams understand the critical role they play in educating their staff on cyber-security issues.”

 

The study also asked respondents about their use of commercial clouds, like Amazon Web Services and Microsoft Azure. Findings revealed that 75 percent of respondents use a commercial cloud to host their organisation’s data. When respondents were asked if they use the same security in their cloud environment as they do to their owned assets or data centres, 41 percent said they did, 38 percent said they didn’t use the same security, while 22 percent were not sure.

 

“What many of the IT professionals are clearly not aware of is the evolving security requirements for cloud compared to on-premise environments. Security in the cloud is more around configurations rather than perimeter controls, which means that the tools and techniques an organisation uses to secure its on-premise data will be different from the tools they use in the cloud. While some security vendors may recommend using traditional end-point security in the cloud, the reality is it won’t be as effective. Organisations should instead look to vendors that specialise in security in the cloud,” continued Egner.  

Research shows ‘game needs to be changed,’ with security innovation years behind that of the...
73% of organizations lack automated patch management, and 62% experienced incidents involving...
Quest Software has signed a definitive agreement with Clearlake Capital Group, L.P. (together with...
Dell EMC PowerProtect Cyber Recovery for AWS provides a fast, easy-to-deploy public cloud vault to...
Aqua’s cloud native application protection platform becomes the only solution that protects cloud...
54% of organisations working on a security transformation project now or in the next 12 months.
Node4 has released its Mid-Market IT Priorities Report 2021. The independent report reveals that...
Zscaler Zero Trust exchange cloud-based architecture enables superior green security capabilities...