Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Threat Intelligence

Black Hat: European Security Pros Wrestling With Potential Breaches, Privacy Issues

Black Hat Europe attendee survey shows European cybersecurity leaders are uncertain of their ability to protect end user data - and are fearful of a near-term breach of critical infrastructure.

While 50 nations and 150 global companies gathered in Paris last week to boost the call for better cybersecurity, European IT security professionals this week are registering their concerns that the region isn't ready for an anticipated attack on critical infrastructure.

The 2018 Black Hat Europe Attendee Survey, published Wednesday, offers a sobering look at the state of cybersecurity defenses in Europe, bolstering the Paris meeting's conclusion that greater efforts are needed to protect data and infrastructure across national boundaries. 

Nearly two-thirds (65%) of security pros in Europe believe a successful cyberattack affecting the critical infrastructure of multiple EU nations will occur in the next two years, according to the Black Hat report. The survey of 132 high-level information security leaders was released in advance of the Black Hat Europe conference, which will take place in London Dec. 3 to 6. 

"Vital infrastructure is way behind on the cyberthreats," said one Black Hat survey respondent. "[Attackers] are often still hiding behind obfuscation techniques instead of [infrastructure] actually being secure." 

Another respondent agreed. "We have reached the point where it is possible to cause mass destruction by cyberattack," the respondent wrote. "This is a very worrying thing, as certain individual actors may cause large amounts of damage." 

This level of concern, which has changed very little since the 2017 Black Hat Europe Attendee Survey, mirrors similar concerns voiced by North American security pros in the Black Hat USA 2018 survey, in which 69% of respondents said they believe US critical infrastructure will suffer a breach in the next two years. And in each case, security pros are doubtful that their regional governments are prepared to respond to such a breach. Only 15% of US respondents believe the US government and private-sector entities are ready for imminent critical infrastructure attacks; 18% of EU respondents believe their regional governments are sufficiently prepared. 

Interestingly, two of the largest countries that declined to sign the Paris accord – Russia and China – are among the countries that European security pros fear most. According to a plurality of those surveyed (30%), the top threat to critical infrastructure is posed by large nation-states like Russia and China. Their concern also extends to their own environments; more than half of survey participants said they believe recent activity from Russia, China, and North Korea has made European enterprise data less secure. 

And concerns are not limited to critical infrastructure. Some three-quarters of European security pros said a major data breach will occur in their own organizations in the coming year. Only about a quarter of respondents said such a breach is unlikely to occur. 

In the area of privacy, European security leaders have a similar lack of confidence that current regulations – including GDPR, which went into effect in May – will prevent the loss and misuse of personal information, such as what Facebook experienced earlier this year. 

A solid 70% of European security pros said their organizations have dedicated resources to GDPR initiatives. Yet only slightly more than a third are confident in their organizations' state of GDPR compliance. Interestingly, while 85% of those surveyed think that GDPR will help at least a little in protecting individuals' privacy, fewer than one in four think that impact will be substantial. 

Like the participants at the Paris accord, many of the survey respondents called for a shift in security culture, both in organizations and among end users. 

"There's too much focus on technological solutions and experts, not enough focus on getting organizations and individuals to adopt secure processes and behaviors," commented one respondent. "Prevention is better than detection and cure." 

Another concurred: "Business is segmented, [which] leads to a mindset that security is the responsibility of someone else – and the security controls put in place to provide security are obstacles to be avoided, rather than embraced." 

Many of the European security pros continued to register concern about the shortage of trained cyberstaff in their organizations. Fewer than half of European security leaders said their organizations have enough staff to respond to the threats they expect to encounter in the next 12 months. 

"No company is staffed appropriately for security," one respondent said. "In my group, we have one security practitioner for each 107 software developers. That's an impossible ratio. Imagine 107 people creating dirty rooms, and one person responsible for cleaning each room – mission impossible. We need education, tooling, [and] technology to begin influencing software engineers to write more secure code." 

Related Content:

 

Black Hat Europe returns to London Dec 3-6 2018  with hands-on technical Trainings, cutting-edge Briefings, Arsenal open-source tool demonstrations, top-tier security solutions and service providers in the Business Hall. Click for information on the conference and to register.

Tim Wilson is Editor in Chief and co-founder of Dark Reading.com, UBM Tech's online community for information security professionals. He is responsible for managing the site, assigning and editing content, and writing breaking news stories. Wilson has been recognized as one ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
The Security of Cloud Applications
Hillel Solow, CTO and Co-founder, Protego,  7/11/2019
US Mayors Commit to Just Saying No to Ransomware
Robert Lemos, Contributing Writer,  7/16/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: "SpearPhish! Everyone out of the office!"
Current Issue
Building and Managing an IT Security Operations Program
As cyber threats grow, many organizations are building security operations centers (SOCs) to improve their defenses. In this Tech Digest you will learn tips on how to get the most out of a SOC in your organization - and what to do if you can't afford to build one.
Flash Poll
The State of IT Operations and Cybersecurity Operations
The State of IT Operations and Cybersecurity Operations
Your enterprise's cyber risk may depend upon the relationship between the IT team and the security team. Heres some insight on what's working and what isn't in the data center.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-13584
PUBLISHED: 2019-07-17
The remote admin webserver on FANUC Robotics Virtual Robot Controller 8.23 allows Directory Traversal via a forged HTTP request.
CVE-2019-13585
PUBLISHED: 2019-07-17
The remote admin webserver on FANUC Robotics Virtual Robot Controller 8.23 has a Buffer Overflow via a forged HTTP request.
CVE-2019-13631
PUBLISHED: 2019-07-17
In parse_hid_report_descriptor in drivers/input/tablet/gtco.c in the Linux kernel through 5.2.1, a malicious USB device can send an HID report that triggers an out-of-bounds write during generation of debugging messages.
CVE-2019-13614
PUBLISHED: 2019-07-17
CMD_SET_CONFIG_COUNTRY in the TP-Link Device Debug protocol in TP-Link Archer C1200 1.0.0 Build 20180502 rel.45702 and earlier is prone to a stack-based buffer overflow, which allows a remote attacker to achieve code execution or denial of service by sending a crafted payload to the listening server...
CVE-2019-10100
PUBLISHED: 2019-07-17
tinymce 4.7.11, 4.7.12 is affected by: CWE-79: Improper Neutralization of Input During Web Page Generation. The impact is: JavaScript code execution. The component is: Media element. The attack vector is: The victim must paste malicious content to media element's embed tab.