Almost a third of organisations unable to detect intruders on network  

New Lieberman Software study reveals organisations are relying on traditional IT security solutions to protect against modern day cyber attacks.

  • 9 years ago Posted in

A  survey from Lieberman Software Corporation revealed that 83 percent of IT security professionals are still confident that their perimeter security tools, like firewalls, can react quickly enough to defend against today’s sophisticated cyber attacks. This assumption could ultimately be putting consumer and business data at risk.
The study, which was conducted at Microsoft Ignite in May 2015 and measured the attitudes of nearly 150 IT professionals, also revealed 29 percent of those surveyed do not feel confident that their IT teams would have the ability to detect an intruder attempting to breach their network. However, this could be a result of the tools they are using not having the capability to detect today’s stealthy hackers.


Commenting on the survey findings, Philip Lieberman, CEO of Lieberman Software, said: “Next generation firewalls, intrusion detection systems and the like can be potent deterrents to known dangers. But when it comes to advanced zero day threats and precisely targeted phishing attacks, perimeter security tools are ineffective. Companies still relying on these solutions to protect against today’s advanced cyber attacks should prepare for the consequences.”


Other findings from the study revealed that when an intruder is detected on an organisation’s network the most common mitigation technique is for IT staff to take manual action to stop them carrying out further malicious activity.


“Competent attackers are capable of quiet intrusions and the take-over of existing credentials found on compromised systems,” Lieberman said. “With that in mind, we recommend regular reboot of systems, discontinuance of the use of domain administrator accounts, regular invalidation of Kerberos tickets to force re-authentication, and the use of very short lifetime credentials for passwords, SSH keys and certificates used for authentication. “


“We also recommend automating privileged identity management and removing humans from the process of service account password changes,” Lieberman continued. “This reduces the manual burden placed on IT staff and helps overcome automated cyber attacks that nest within environments, hoping to use long lived administrative passwords.”

Research shows ‘game needs to be changed,’ with security innovation years behind that of the...
Node4 has released its Mid-Market IT Priorities Report 2021. The independent report reveals that...
Atos has launched Atos OneCloud Sovereign Shield, a set of solutions, methodologies, and...
New distribution agreement set to bolster Westcon-Comstor’s Zero Trust offering in more markets...
Research from Avast has found that employees in almost a third (31%) of Small and Medium...
This year, over half of MSPs or their end customers have been attacked by ransomware but only 53%...
Trend Micro has published new research revealing that 90% of IT decision makers claim their...
Cyber consultants call on businesses to act now, or risk budgets shrinking further in ‘real...