Threat Intelligence

6/26/2018
09:00 AM
Connect Directly
Twitter
LinkedIn
Google+
RSS
E-Mail
100%
0%

Black Hat Survey: Enterprise Tech, US Government Unprepared for Cyberattacks

The 2018 Black Hat Attendee survey reveals worries over the effectiveness of enterprise security technology, and threat to US infrastructure.

More than two-thirds (69%) of cybersecurity experts predict a successful cyberattack will hit US infrastructure within the next two years – and a majority express low confidence both in security technology to protect their organizations and in the US government to defend the nation against attacks.

Respondents of the 2018 Black Hat Attendee Survey, a group of 315 IT and security pros who attended the conference in 2017 or who are registered for this year's conference, were asked to rate the effectiveness of technologies available to enterprise security teams. It was the first time this question was included in the survey and responses indicate the security community sees ample room for improvement.

In a list of 18 technologies, only three were rated as "very effective" or "somewhat effective" by a majority of participants: encryption, multifactor authentication tools, and firewalls. The remaining 15 were ranked "effective" by 47% or fewer respondents with mobile security tools, data leak protection, and passwords rounding out the bottom three. Only 19% said passwords are very/somewhat effective; 37% said they are "not at all effective" or "not very effective."

It wasn't the only area where most attendees were in agreement. Respondents voiced similar thoughts on many areas across the security spectrum including which nation(s) will be behind a major cyberattack on the US, staffing issues, and concerns around data security and privacy.

Meanwhile, security pros feel under-resourced again this year: the majority of respondents say they do not have enough staff, budget, or training to meet the threats their organizations will face in the next 12 months.

Cyberattacks Threaten an Ill-Prepared US Government

The majority (52%) of respondents think Russian cyber activity had a "substantial impact" on the 2016 US election. Seventy-one percent think cyber initiatives from Russia, China, and North Korea threaten the security of US data, the report states.

One open-ended question asked attendees which global or political issues concern them most. Many cited nation-state threats ranging from espionage to steal US enterprise data to "all-out cyberwar." Many cited issues affecting the US government: election fraud, lack of cyber resources, and the choice to eliminate the position of federal cyber advisor.

Forty-three percent of experts polled think the greatest threat to US infrastructure is an attack by a large nation-state such as Russia or China. However, it seems an attack by a financially motivated cybercriminal group is more concerning (11%) than an attack from a politically motivated terrorist group (7%) or a rogue nation-state like North Korea (3%).

The danger is real but most don't think the US is equipped to face it: Only 15% of respondents think the government understands cyberthreats and will take steps to defend the country. Thirteen percent think Congress and the White House understand the cyberthreat and only 16% of respondents approve of President Trump's performance, the report shows.

The Future of Privacy is Bleak

Security experts have a gloomy outlook on the state of data privacy, a mindset shaped by the recent Facebook investigation, data breach reports, and European General Data Protection Regulation (GDPR), which went into effect last month. Thirty percent of respondents claim they haven't begun any GDPR-related initiatives, nor do they know if their business is compliant. More than one-quarter (26%) don't think they are subject to GDPR regulations.

More than half (55%) of respondents say they advise customers and internal users to reconsider data shared on Facebook. The majority (65%) limits their own Facebook usage or avoids the social platform entirely due to security concerns. Only 26% of respondents think it will be possible for people to protect their online identity and privacy in the future.

"This is a bleak outlook indeed when coming from those who understand the threat best, and in many cases, are professionally tasked with protecting that data," the report states.

Related Content:

Why Cybercriminals Attack: A DARK READING VIRTUAL EVENT Wednesday, June 27. Industry experts will offer a range of information and insight on who the bad guys are – and why they might be targeting your enterprise. Go here for more information on this free event.

Kelly Sheridan is the Staff Editor at Dark Reading, where she focuses on cybersecurity news and analysis. She is a business technology journalist who previously reported for InformationWeek, where she covered Microsoft, and Insurance & Technology, where she covered financial ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
nirgx
100%
0%
nirgx,
User Rank: Author
7/10/2018 | 8:06:58 PM
Effectiveness of Technologies
After looking at the survey, specifically the list of "Effectiveness of Technologies in Protecting Data", I wouldn't say the results are surprising - passwords at 19% and AV at 30% is actually pretty good reflection of reality. But firewalls at 62% is kind of ruining that. With today's attack techniques, most hackers that successfully penetrate an organization wouldn't even know a firewall was there.
thescottking
50%
50%
thescottking,
User Rank: Apprentice
6/28/2018 | 10:36:30 AM
Inevitable
Endpoint ( mobile, IoT ) proliferation for monitoring and controls is going exacerbate the resources issue well into the future. Lines of business wants more speed and efficiency but the constraints on security teams severely limit the demand from the business. Tell your kids to get computer science and cyber related degrees.
Joe Stanganelli
50%
50%
Joe Stanganelli,
User Rank: Ninja
6/26/2018 | 10:55:38 PM
Already
Cyberattacks on US infrastructure have almost certainly happened already. Researchers have previously been able to demonstrate proofs of concept if not actually compromise dams and other critical infrastructure.

This goes extra if we count voting as infrastructure, given how notoriously unsecure voting machines and online voting are.
White House Cybersecurity Strategy at a Crossroads
Kelly Jackson Higgins, Executive Editor at Dark Reading,  7/17/2018
The Fundamental Flaw in Security Awareness Programs
Ira Winkler, CISSP, President, Secure Mentem,  7/19/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-3770
PUBLISHED: 2018-07-20
A path traversal exists in markdown-pdf version <9.0.0 that allows a user to insert a malicious html code that can result in reading the local files.
CVE-2018-3771
PUBLISHED: 2018-07-20
An XSS in statics-server <= 0.0.9 can be used via injected iframe in the filename when statics-server displays directory index in the browser.
CVE-2018-5065
PUBLISHED: 2018-07-20
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
CVE-2018-5066
PUBLISHED: 2018-07-20
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
CVE-2018-5067
PUBLISHED: 2018-07-20
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Heap Overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.