IT pros: most senior execs are ignorant about cyberattacks
Posted on June 28, 2010
LastWatchdog has just gotten an exclusive sneak peek at the results of a NetWitness/Ponemon survey, due out next week. The survey of IT professionals who toil at big organizations reveals the extent to which CEOs, COOs and CFOs behave like ostriches when it comes to grasping the scale and scope of cyberattacks against their respective organizations.
Ponemon Institute surveyed 591 IT professionals whose day-to-day duties revolve around securing the networks of major corporations and big government agencies. The poll asked questions about “advanced threats,” meaning deliberate, sophisticated breaches or breach attempts. Key findings:
- 83% of respondents indicated their organization has been a recent target of advanced threats
- 41% said they were frequently attacked
- 81% felt that senior execs lacked awareness of the seriousness of advanced threats
Self-perpetuating disconnect
Netwitness CEO Amit Yoran says a big reason for this disconnect between IT pros and their senior execs is the fact that data loss disclosure laws cover only thefts of consumers’ Personally Identifiable Information, or PII. Nothing compels organizations to disclose any other kind of system breach. So few do.
“It self-perpetuates,” says Yoran. “Nobody wants to be the only one with egg on their face and they end up thinking the problem is far less than it actually is. This leads to an underinvestment in security and protective measures, and everything continues to snowball.”
The one major exception: Google. The search giant’s disclosure last January of a breach of databases kept at its Beijing, China offices (since closed) raised an international furor.
Google said the Gmail accounts of a handful of human rights activists were tapped, and used that as the pretext to all of a sudden reject government censoring of its search results in China, after having agreed to censorship as a condition for doing business in that nation.
In March it closed the censored version of its search service, redirecting Chinese visitors to its Hong Kong-based site, and thus preserving most of the revenue from advertisers wanting to reach the Chinese market. Within days, the search giant began reporting conflicting reasons for glitches with the redirect feature.
USA Today founder Al Neuharth penned this editorial saying Google was “gutsy” to “spit in China’s eye,” comparing the boldness of the move to Richard Nixon becoming the first president to pay an official state visit to China in 1972.
Update: 29 June 2010. Google has just acquiesced and terminated automatic re-direct to its Hong Kong site for Chinese users.
Google’s going public paved the way for McAfee to disclose that some 30 other multinational corporations had been similarly attacked in a prototypical corporate espionage campaign dubbed Operation Aurora.
Yoran notes that security vendors and IT pros know full well that Operation Aurora was just one flavor of corporate intrusions, which have become all too commonplace, a point LastWatchdog made in this 2008 investigative report. Yet most CEOs, COOs and CFOs still don’t realize just how pervasive corporate intrusions are.
Core assets targeted
LastWatchdog reported in this recent investigative report how cyber criminals have begun to intensively exploit the wide use of Facebook and other popular social networks in workplace settings to carry out corporate intrusions. The NetWitness/Ponemon survey reveals that 44% of corporate intrusions result in the loss of “confidential or sensitive information,” while 45% of attacks lead to “theft of intellectual property.”
“Those are some very telling statistics,” says Yoran. “We’re seeing just under half of these breaches result in loss of what are ultimately core assets to the organization.”
The full results of the NetWitness/Ponemon survey are scheduled for a July 6 release.
By Byron Acohido
