Ricci Dipshan , Legaltech News
Legal professionals have been hearing the same battle cries for some
time now: protect yourself, and cyberattacks are more advanced than ever, and reaching record levels. But how does one go about this?
Surely, one with a heavily invested cybersecurity infrastructure is insulated
from the worst criminals on the deep web, right?
It is a simple proposition, but one
that belies the nature of cyberthreats. For nothing in cyberattacks is direct
or easy — and for many U.S. business, according to Tech Sentry’s and IDG
Connect’s “Strong Security Needs Flexible Software Tools” survey of 211
U.S.-based IT staff, spending big on cybersecurity does not always equate to
protection.
The survey found that the vast
majority of U.S. companies (88 percent) spend at least $100,000 per year on
cybersecurity, with almost half (48 percent) spending more than $500,000 per
year. Only 12 percent spent less than $100,000, while 9 percent spent more than
$5 million.
The report also cited a Gartner
study that showed annual IT security budgets have seen consistent double-digit
growth over the last decade with no change expected in the near future. Gartner
pegged IT security sending at $77 billion in 2015, and predicted it would hit
$101 billion by 2018.
Despite the rising amounts of
security investments, however, almost half (46 percent) of respondents admitted
their company previously experienced some form of cyberattack. Of the companies
attacked, 26 percent were infected with Trojans or viruses, such as botnets or
ransomware that severely impacted their business, while 48 percent experienced
a similar attack, but were mildly impacted. Only 26 percent said their attack
had no impact whatsoever, in part due to the effectiveness of their
cybersecurity infrastructure.
So why aren’t cybersecurity
investments producing better dividends?
Dodi Glenn, vice president of
cybersecurity at PC Pitstop, told Legaltech News that this is in part because
the high spend is directed at cybersecurity products offering false hopes
instead of at the right platforms.
“Put simply, marketing dollars are
being spent in massive amounts, claiming to prevent 100 percent of the attacks
in the wild,” she said. “However, this is clearly not the case, as evident by
the ransomware attacks slipping through multiple layers of defense. Spending
more money on cybersecurity defenses does not directly correlate with ‘better
protection.’ Spending the money for the correct products for your environment,
however, will provide better protection.”
In a statement announcing the
survey, Rob Cheng, CEO at PC Pitstop, also suggested that traditional
cybersecurity approach needs to change. “The security problem is getting
consistently worse, the consequences are getting consistently larger, and the
frequency is growing. It’s time to consider a new architecture—the existing
model isn’t working.”
He advised the use of whitelisting
technology in cybersecurity defenses, which unlike blacklisting, maintains
lists of approved email addresses, applications, websites, etc. that can run on
company and client devices. The survey found that 91 percent of respondents
would be willing to consider deploying a whitelisting technology, despite the
risk of it erroneously blocking good files and programs.
Other cybersecurity and IT experts,
however, see the shortcomings of modern cybersecurity defenses as a deficiency
in a strategy that focuses on endpoint protection and not network and data
behavior.
CounterTack CTO Mike Davis previously told Legaltech News how the “detect and respond” approach, which focuses
on “the behaviors of process, memory, and files within the endpoint itself and
not the communications,” and “differs from a traditional firewall in that
firewalls focus on network traffic, the communications between endpoints and
servers,” is gaining traction among IT professionals.
The 2016 State of the Endpoint Report, a survey of 694 U.S. IT
professionals released by Countertrak and the Ponemon Institute, found that 95
percent of respondents expected their organization to move towards such an
approach in the near future. The report also found that 60 percent of companies
focus more on data protection than endpoint security, up from 55 percent in
2015.
Low-Impact CyberThreats? Think Again
Despite heavy investments in
cybersecurity, some companies may be missing cyberthreats altogether, such as
“the low-impact, commonly distributed threats” Glenn said. “What everyone needs
to remember is that any of these pieces of malware could easily establish a
foothold within a company. All it takes is for one hacker to gain access and
turn it over to someone who would be more interested in the treasure chest of
data. It isn’t uncommon for someone to hack into an organization, then sell the
pilfered data on the underground market.”
Indeed, the survey found that 59
percent of respondents reported that adware is having a mild impact on their
business, while only two percent of IT managers believe they have any serious
consequences. Yet according to a white paper by Cybereason Lab Research, low-level threats are evolving into
more malicious and dangerous intrusions.
Most companies, however, are hoping
to avoid such infiltration by using an array of security solutions, The survey
found eighty percent of respondents, for example, deploy two or solutions,
while 62 percent saying they deploy at least three.
The most widely used security
platform (82 percent) was a network appliance product, such as a firewall or
VPN, while 56 percent also use email security hardware that performs filtering
and encryption. Over half (55 percent) deploy specific protection against
distributed denial of service (DDoS) attacks, and 47 percent use content
filtering. Forty-two percent deploy a patch
management platform.
No comments:
Post a Comment