Most IT sec pros still rely on perimeter security to stop APTs

78 percent of IT security professionals are confident that firewalls and antimalware tools are robust enough to combat today’s advanced persistent threats, according to the results of a new survey from Lieberman Software Corporation. These findings highlight the fact that while cybercrime is on the rise, many organisations are still dangerously relying on outdated perimeter security solutions to defend against the latest threats.

The survey, which was carried out at Black Hat USA in August 2014, also revealed that 22 percent of those surveyed do not think that tools like firewalls and antivirus are able to defend against APTs. However, given the surge in organisations suffering advanced targeted cyber attacks, this number should have been much higher.

58% of the polled IT security pros are not confident that their network has never been breached by a foreign state-sponsored attack or advanced persistent threat, and 59% of respondents think a state-sponsored attack will attempt to breach their organization in the next six months.

Of these, 44% are not confident that their IT staff can detect the presence of an attacker who attempts to breach their network or extract private data, and the same number of security pros do not think their organization’s security products and processes can keep up with new and emerging security threats.

Commenting on the survey findings, Philip Lieberman, CEO of Lieberman Software, said: “Our survey reveals that while the majority of organizations are prepared for amateur hackers and low-level criminals, they are completely ill-equipped to deal with today’s advanced attacks. Traditional perimeter security products are effective at spotting and stopping known threats, but they can’t keep up with today’s rapidly increasing volume of advanced targeted attacks. The most effective methods for securing yourself from these types of attacks are the use of air-gap networks (machines not connected to the internet) that disconnect systems with sensitive data. Assume that others have already penetrated your network and institute multi-factor authentication and adaptive privilege management to assure that a compromised system is not a jumping-off point for an organization-wide attack.”

“The latest targeted cyber-attacks on government organizations and high-profile companies show the need for better awareness and responsiveness in cyber security. Organizations should no longer be solely dependent on perimeter security products, like firewalls and intrusion detection, to protect their systems. Today they need IT staff who are better trained to identify potential attacks, and defense-in-depth security solutions that can restrict lateral movement in the network when attacks do manage to penetrate the perimeter,” continued Lieberman.