Saudi ambassador to UK voted MENA diplomat of 2025    Saudi Awwal Bank signs SR2 billion credit facility with Saudi Binladin Group to propel development of King Fahd Sports City in Riyadh    Feast of Flavors and Prizes: LuLu Hypermarket kicks off the "World Food Festival" across Saudi Arabia    Pakistan closes airspace, suspends visaas in tit-for-tat measures against India    Saudia Group signs deal with Airbus for flyadeal's first wide-body aircraft    Saudi non-oil exports surge 14.3 percent to SR26.11bn in February    Saudi, Greek ministers co-chair inaugural meeting of Strategic Culture Committee    Israeli strikes across Gaza kill at least 26, Palestinian officials say    Trump's trade war olive branch met with derision and mistrust inside China    Ministry of Justice launches centralized court model to enhance judicial efficiency    Kyiv hit by deadly Russian missile and drone attack    Saudi Arabia elected chair of Asia region of World Meteorological Organization    Saudi Theater Commission launches its Work and Learn Project in UK    The season has begun — and one comment shook us all    Jennifer Lopez dazzles in Jeddah with a Formula 1 performance    Saudi Arabia open to expanded 64-team World Cup in 2034, says sports minister    Average life expectancy in Saudi Arabia rises to78.8 years    Super Max Verstappen scorches to pole with record lap in Jeddah    Film Commission launches 'Cinema' initiative to enhance content    Famed Philippine film star Nora Aunor dies at 71    Pakistani star's Bollywood return excites fans and riles far right    Veteran Bollywood actor Manoj Kumar dies at 87    Bollywood actress vindicated over boyfriend's death after media hounding    Grand Mufti rules against posting prayers and preaching in mosques on social media    Exotic Taif Roses Simulation Performed at Taif Rose Festival    Asian shares mixed Tuesday    Weather Forecast for Tuesday    Saudi Tourism Authority Participates in Arabian Travel Market Exhibition in Dubai    Minister of Industry Announces 50 Investment Opportunities Worth over SAR 96 Billion in Machinery, Equipment Sector    HRH Crown Prince Offers Condolences to Crown Prince of Kuwait on Death of Sheikh Fawaz Salman Abdullah Al-Ali Al-Malek Al-Sabah    HRH Crown Prince Congratulates Santiago Peña on Winning Presidential Election in Paraguay    SDAIA Launches 1st Phase of 'Elevate Program' to Train 1,000 Women on Data, AI    41 Saudi Citizens and 171 Others from Brotherly and Friendly Countries Arrive in Saudi Arabia from Sudan    Saudi Arabia Hosts 1st Meeting of Arab Authorities Controlling Medicines    General Directorate of Narcotics Control Foils Attempt to Smuggle over 5 Million Amphetamine Pills    NAVI Javelins Crowned as Champions of Women's Counter-Strike: Global Offensive (CS:GO) Competitions    Saudi Karate Team Wins Four Medals in World Youth League Championship    Third Edition of FIFA Forward Program Kicks off in Riyadh    Evacuated from Sudan, 187 Nationals from Several Countries Arrive in Jeddah    SPA Documents Thajjud Prayer at Prophet's Mosque in Madinah    SFDA Recommends to Test Blood Sugar at Home Two or Three Hours after Meals    SFDA Offers Various Recommendations for Safe Food Frying    SFDA Provides Five Tips for Using Home Blood Pressure Monitor    SFDA: Instant Soup Contains Large Amounts of Salt    Mawani: New shipping service to connect Jubail Commercial Port to 11 global ports    Custodian of the Two Holy Mosques Delivers Speech to Pilgrims, Citizens, Residents and Muslims around the World    Sheikh Al-Issa in Arafah's Sermon: Allaah Blessed You by Making It Easy for You to Carry out This Obligation. Thus, Ensure Following the Guidance of Your Prophet    Custodian of the Two Holy Mosques addresses citizens and all Muslims on the occasion of the Holy month of Ramadan    







Thank you for reporting!
This image will be automatically disabled when it gets reported by several people.



IT managers struggling to keep up with cyberattacks
The Saudi Gazette Published in The Saudi Gazette on 28 - 07 - 2019

IT managers are inundated with cyberattacks coming from all directions and are struggling to keep up due to a lack of security expertise, budget and up to date technology, Sophos, a global leader in network and endpoint security, said in its global survey "The Impossible Puzzle of Cybersecurity" released recently.
The survey polled 3,100 IT decision makers from mid-sized businesses in the US, Canada, Mexico, Colombia, Brazil, UK, France, Germany, Australia, Japan, India, and South Africa.
The survey noted that cybercriminals use multiple attack methods and payloads for maximum impact.
The Sophos survey showed how attack techniques are varied and often multi-staged, increasing the difficulty to defend networks. One in five IT managers surveyed didn't know how they were breached, and the diversity of attack methods means no one defensive strategy is a silver bullet.
"Cybercriminals are evolving their attack methods and often use multiple payloads to maximize profits. Software exploits were the initial point of entry in 23 percent of incidents, but they were also used in some fashion in 35 percent of all attacks, demonstrating how exploits are used at multiple stages of the attack chain," said Chester Wisniewski, principal research scientist, Sophos. "Organizations that are only patching externally facing high-risk servers are left vulnerable internally and cybercriminals are taking advantage of this and other security lapses."
The wide range, multiple stages and scale of today's attacks are proving effective. For example, 53 percent of those who fell victim to a cyberattack were hit by a phishing email, and 30 percent by ransomware. Forty-one percent said they suffered a data breach.
The survey noted that weak links in security increasingly lead to supply chain compromises.
Based on the responses, it's not surprising that 75 percent of IT managers consider software exploits, unpatched vulnerabilities and/or zero-day threats as a top security risk. Fifty percent consider phishing a top security risk. Alarmingly, only 16 percent of IT managers consider supply chain a top security risk, exposing an additional weak spot that cybercriminals will likely add to their repertoire of attack vectors.
"Cybercriminals are always looking for a way into an organization, and supply chain attacks are ranking higher now on their list of methods. IT managers should prioritize supply chain as a security risk, but don't because they consider these attacks perpetrated by nation states on high profile targets. While it is true that nation states may have created the blueprints for these attacks, once these techniques are publicized, other cybercriminals often adopt them for their ingenuity and high success rate," said Wisniewski. "Supply chain attacks are also an effective way for cybercriminals to carry out automated, active attacks, where they select a victim from a larger pool of prospects and then actively hack into that specific organization using hand-to-keyboard techniques and lateral movements to evade detection and reach their destination."
According to the Sophos survey, IT managers reported that 26 percent of their team's time is spent managing security, on average. Yet, 86 percent agree security expertise could be improved and 80 percent want a stronger team in place to detect, investigate and respond to security incidents. Recruiting talent is also an issue, with 79 percent saying that recruiting people with the cybersecurity skills they need is challenge.
Regarding budget, 66 percent said their organization's cybersecurity budget (including people and technology) is below what it needs to be. Having current technology in place is another problem, with 75 percent agreeing that staying up to date with cybersecurity technology is a challenge for their organization. This lack of security expertise, budget and up to date technology indicates IT managers are struggling to respond to cyberattacks instead of proactively planning and handling what's coming next.
"Staying on top of where threats are coming from takes dedicated expertise, but IT managers often have a hard time finding the right talent or don't have a proper security system in place that allows them to respond quickly and efficiently to attacks," said Wisniewski. "If organizations can adopt a security system with products that work together to share intelligence and automatically react to threats, then IT security teams can avoid the trap of perpetually catching up after yesterday's attack and better defend against what's going to happen tomorrow. Having a security ‘system' in place helps alleviate the security skills gap IT managers are facing. It's much more time and cost effective for businesses to grow their security maturity with simple to use tools that coordinate with each other across an entire estate."
With cyberthreats coming from supply chain attacks, phishing emails, software exploits, vulnerabilities, insecure wireless networks, and much more, businesses need a security solution that helps them eliminate gaps and better identify previously unseen threats. Sophos Synchronized Security, a single integrated system, provides this much needed visibility to threats by integrating Sophos endpoint, network, mobile, Wi-Fi, and encryption products to share information in real-time and automatically respond to incidents. More information about Synchronized Security is available at Sophos.com.
The Impossible Puzzle of Cybersecurity survey was conducted by Vanson Bourne, an independent specialist in market research, in December 2018 and January 2019. — SG

Clic here to read the story from its source.