ThreatTrack Security, a company specializing in identifying and stopping targeted attacks and sophisticated malware, has published the results of a study that reveals a broad concern among enterprises about the vulnerability of their systems against cyber-attacks.
The survey found that more than two-thirds of executives are concerned their companies will not be able to stop such threats, and one in five say their biggest concern is not knowing whether an attack is underway.
These fears, however, seem to have little influence in encouraging executives to protect their networks by adopting best practices in cyber-defense technologies and specialized personnel. Nearly half — 47% — report that they are not making use of advanced malware analysis tools, and 42% report not having an Incident Response Team in place, and
Other key findings from the survey include:
- One third of the enterprises surveyed say they are aware of a targeted malware attack against their company, including 50% of financial services firms and 53% of manufacturing companies.
- 82% of financial services firms are concerned about Advanced Persistent Threats (APTs), targeted attacks, Zero-day threats and other sophisticated attacks, but only half of them employ an advanced malware analysis tool like a sandbox.
- 36% of enterprises say they are more concerned about losing proprietary intellectual property and trade secrets in a breach than they are about losing their customers’ personally identifiable information — such as credit card data, social security numbers or medical records.
- 97% of enterprises with annual security budgets over $1 million still report concerns that they are vulnerable to malware attacks and cyber-espionage tactics.
In a companion survey of 203 U.S. consumers 71% of respondents indicate that the companies that hold their personally identifiable information were either not doing everything they could to protect that data (43%) or were not sure whether that was the case (28%).
Almost half (47%) say they have been notified at some point that their information has been compromised by a breach, and of those respondents, another 47% say that even after being notified, they still did not feel well-informed or reassured that their data would be safe.
Even with this lack of confidence in enterprises, consumers do not trust the government to get involved, either, when it comes to their personal information. A majority — 70% — do not believe the government should dictate to private companies how they handle and store private data or which technologies they should use to secure their networks.
For full survey results, and an executive report with additional analysis click here.