
BLOG: Enterprise organisations describe weaknesses in malware detection and protection

Jon Oltsik | Jan. 17, 2014
Security teams point to problems with skills, malware knowledge, and forensics

Well, here we are halfway through January, and you can't cross the street without hearing about a malware attack or security breach somewhere - Neiman Marcus, Target, Yahoo, Yikes!

When my non-technical friends ask me what they should expect moving forward, I'm not exactly a beacon of hope. My usual response is something like, "get used to it, things will likely get worse."

To be clear, I'm not just a cynic (though it's hard to focus on privacy and security and remain an optimist): ESG data continually indicates that many enterprise organizations are understaffed and lack the right security skills for the current threat landscape. As a result, some security professionals have become the digital equivalent of Sisyphus - forever pushing the cybersecurity rock uphill without any progress.

Allow me to offer up some recent ESG research as an example. Security professionals working at enterprise organizations (i.e. more than 1,000 employees) were asked to rate their organizations' security processes for malware detection/prevention. The research revealed that:

  • 27% of security professionals rate their organization as "fair" or "poor" in their ability to remediate systems without having to re-image them.
  • 25% of security professionals rate their organization as "fair" or "poor" in their ability to discover the root cause of a security incident.
  • 23% of security professionals rate their organization as "fair" or "poor" with regard to their security team's knowledge of malware variants and techniques.

ESG further analyzed this data by segmenting the entire survey population into three buckets: advanced organizations (i.e. those with relatively strong security skills and processes), progressing organizations (i.e. those with average security skills and processes), and basic organizations (i.e. those with below-average security skills and processes). This analysis shows just how bad things can be. For example:

  • 5% of security professionals working at advanced organizations rate themselves as "fair" or "poor" in their ability to remediate systems without having to re-image them. By comparison, 22% of progressing and 61% of basic organizations rate themselves as "fair" or "poor" in their ability to remediate systems without having to re-image them.
  • 5% of security professionals working at advanced organizations rate themselves as "fair" or "poor" in their ability to discover the root cause of a security incident. By comparison, 22% of progressing and 52% of basic organizations rate themselves as "fair" or "poor" in their ability to discover the root cause of a security incident.
  • 13% of security professionals working at advanced organizations rate themselves as "fair" or "poor" with regard to their security team's knowledge of malware variants and techniques. By comparison, 17% of progressing and 41% of basic organizations rate themselves as "fair" or "poor" in their security team's knowledge of malware variants and techniques.

 
