Saudi Arabia, Azerbaijan discuss energy joint cooperation and climate action    Vegetation cover in Saudi nature reserve increases to 8.5%    Largest international conference for religious leaders in Asia to be hosted in Kuala Lumpur    Defense minister launches King Faisal Air Academy's new facilities, attends graduation ceremony    Groundbreaking Ceremony for Al-Asasyah Advanced Industry HVAC Smart Factory in Dammam    Saudi Arabia among top 20 global car markets    Key Car rental introduces innovative monthly key subscription service    Prince Badr Bin Abdulmohsin, icon of Saudi poetry, dies at 75    Health Ministry reports no new cases in food poisoning incident, one death confirmed    Targeting Rafah could lead to slaughter, warns UN aid agency    Japan calls Biden 'xenophobic' comments 'unfortunate'    Saudi Arabia initiates anti-dumping probe into steel imports from China and Taiwan    Loay Nazer announces candidacy for presidency of Al-Ittihad    Al-Nassr sets up thrilling clash with Al-Hilal in King's Cup final after defeating Al-Khaleej    Karim Benzema seeks medical consultation in Madrid for ongoing injuries    Al-Hilal beats Al-Ittihad in heated King's Cup semi-final    Infinix GT 20 Pro flagship launch: Revolutionizing esports-level gaming and ushering in a new era of the holistic gaming universe    SFDA: Breast-milk substitute products are sugar-free complying with Saudi specifications    'Zarqa Al Yamama': Riyadh premieres first Saudi opera    Australian police launch manhunt for Home and Away star Orpheus Pledger    JK Rowling in 'arrest me' challenge over hate crime law    Trump's Bible endorsement raises concern in Christian religious circles    Hollywood icon Will Smith shares his profound admiration for Holy Qur'an    We have celebrated Founding Day for three years - but it has been with us for 300    Exotic Taif Roses Simulation Performed at Taif Rose Festival    Asian shares mixed Tuesday    Weather Forecast for Tuesday    Saudi Tourism Authority Participates in Arabian Travel Market Exhibition in Dubai    Minister of Industry Announces 50 Investment Opportunities Worth over SAR 96 Billion in Machinery, Equipment Sector    HRH Crown Prince Offers Condolences to Crown Prince of Kuwait on Death of Sheikh Fawaz Salman Abdullah Al-Ali Al-Malek Al-Sabah    HRH Crown Prince Congratulates Santiago Peña on Winning Presidential Election in Paraguay    SDAIA Launches 1st Phase of 'Elevate Program' to Train 1,000 Women on Data, AI    41 Saudi Citizens and 171 Others from Brotherly and Friendly Countries Arrive in Saudi Arabia from Sudan    Saudi Arabia Hosts 1st Meeting of Arab Authorities Controlling Medicines    General Directorate of Narcotics Control Foils Attempt to Smuggle over 5 Million Amphetamine Pills    NAVI Javelins Crowned as Champions of Women's Counter-Strike: Global Offensive (CS:GO) Competitions    Saudi Karate Team Wins Four Medals in World Youth League Championship    Third Edition of FIFA Forward Program Kicks off in Riyadh    Evacuated from Sudan, 187 Nationals from Several Countries Arrive in Jeddah    SPA Documents Thajjud Prayer at Prophet's Mosque in Madinah    SFDA Recommends to Test Blood Sugar at Home Two or Three Hours after Meals    SFDA Offers Various Recommendations for Safe Food Frying    SFDA Provides Five Tips for Using Home Blood Pressure Monitor    SFDA: Instant Soup Contains Large Amounts of Salt    Mawani: New shipping service to connect Jubail Commercial Port to 11 global ports    Custodian of the Two Holy Mosques Delivers Speech to Pilgrims, Citizens, Residents and Muslims around the World    Sheikh Al-Issa in Arafah's Sermon: Allaah Blessed You by Making It Easy for You to Carry out This Obligation. Thus, Ensure Following the Guidance of Your Prophet    Custodian of the Two Holy Mosques addresses citizens and all Muslims on the occasion of the Holy month of Ramadan    







Thank you for reporting!
This image will be automatically disabled when it gets reported by several people.



IT managers struggling to keep up with cyberattacks
The Saudi Gazette Published in The Saudi Gazette on 28 - 07 - 2019

IT managers are inundated with cyberattacks coming from all directions and are struggling to keep up due to a lack of security expertise, budget and up to date technology, Sophos, a global leader in network and endpoint security, said in its global survey "The Impossible Puzzle of Cybersecurity" released recently.
The survey polled 3,100 IT decision makers from mid-sized businesses in the US, Canada, Mexico, Colombia, Brazil, UK, France, Germany, Australia, Japan, India, and South Africa.
The survey noted that cybercriminals use multiple attack methods and payloads for maximum impact.
The Sophos survey showed how attack techniques are varied and often multi-staged, increasing the difficulty to defend networks. One in five IT managers surveyed didn't know how they were breached, and the diversity of attack methods means no one defensive strategy is a silver bullet.
"Cybercriminals are evolving their attack methods and often use multiple payloads to maximize profits. Software exploits were the initial point of entry in 23 percent of incidents, but they were also used in some fashion in 35 percent of all attacks, demonstrating how exploits are used at multiple stages of the attack chain," said Chester Wisniewski, principal research scientist, Sophos. "Organizations that are only patching externally facing high-risk servers are left vulnerable internally and cybercriminals are taking advantage of this and other security lapses."
The wide range, multiple stages and scale of today's attacks are proving effective. For example, 53 percent of those who fell victim to a cyberattack were hit by a phishing email, and 30 percent by ransomware. Forty-one percent said they suffered a data breach.
The survey noted that weak links in security increasingly lead to supply chain compromises.
Based on the responses, it's not surprising that 75 percent of IT managers consider software exploits, unpatched vulnerabilities and/or zero-day threats as a top security risk. Fifty percent consider phishing a top security risk. Alarmingly, only 16 percent of IT managers consider supply chain a top security risk, exposing an additional weak spot that cybercriminals will likely add to their repertoire of attack vectors.
"Cybercriminals are always looking for a way into an organization, and supply chain attacks are ranking higher now on their list of methods. IT managers should prioritize supply chain as a security risk, but don't because they consider these attacks perpetrated by nation states on high profile targets. While it is true that nation states may have created the blueprints for these attacks, once these techniques are publicized, other cybercriminals often adopt them for their ingenuity and high success rate," said Wisniewski. "Supply chain attacks are also an effective way for cybercriminals to carry out automated, active attacks, where they select a victim from a larger pool of prospects and then actively hack into that specific organization using hand-to-keyboard techniques and lateral movements to evade detection and reach their destination."
According to the Sophos survey, IT managers reported that 26 percent of their team's time is spent managing security, on average. Yet, 86 percent agree security expertise could be improved and 80 percent want a stronger team in place to detect, investigate and respond to security incidents. Recruiting talent is also an issue, with 79 percent saying that recruiting people with the cybersecurity skills they need is challenge.
Regarding budget, 66 percent said their organization's cybersecurity budget (including people and technology) is below what it needs to be. Having current technology in place is another problem, with 75 percent agreeing that staying up to date with cybersecurity technology is a challenge for their organization. This lack of security expertise, budget and up to date technology indicates IT managers are struggling to respond to cyberattacks instead of proactively planning and handling what's coming next.
"Staying on top of where threats are coming from takes dedicated expertise, but IT managers often have a hard time finding the right talent or don't have a proper security system in place that allows them to respond quickly and efficiently to attacks," said Wisniewski. "If organizations can adopt a security system with products that work together to share intelligence and automatically react to threats, then IT security teams can avoid the trap of perpetually catching up after yesterday's attack and better defend against what's going to happen tomorrow. Having a security ‘system' in place helps alleviate the security skills gap IT managers are facing. It's much more time and cost effective for businesses to grow their security maturity with simple to use tools that coordinate with each other across an entire estate."
With cyberthreats coming from supply chain attacks, phishing emails, software exploits, vulnerabilities, insecure wireless networks, and much more, businesses need a security solution that helps them eliminate gaps and better identify previously unseen threats. Sophos Synchronized Security, a single integrated system, provides this much needed visibility to threats by integrating Sophos endpoint, network, mobile, Wi-Fi, and encryption products to share information in real-time and automatically respond to incidents. More information about Synchronized Security is available at Sophos.com.
The Impossible Puzzle of Cybersecurity survey was conducted by Vanson Bourne, an independent specialist in market research, in December 2018 and January 2019. — SG

Clic here to read the story from its source.