Majority of execs say cyber attacks a greater national threat than physical attacks

A slight majority of C-level executives and IT security professionals taking part in a global survey report a hacker is or has been in their corporate network, while the vast majority say cyber attacks pose a greater national threat than physical attacks.

Findings from Cyber-Ark Software Inc.’s 7th annual Global Advanced Threat Landscape survey indicate 80% of C-level executives and IT security professionals believe cyber-attacks pose a greater risk to their nation than physical attacks, 51% believe a cyber-attacker is currently in their corporate network or has been in the past year, and 57% say that their company puts too much faith in perimeter security.

The survey was developed through interviews with 989 IT and C-level executives across North America, Europe and Asia Pacific (APAC), the Massachusetts-based global information security company noted in a press release this week.

Advanced attacks are almost always precipitated by perimeter-oriented tactical aggressions, such as phishing attempts, Cyber-Ark reports. Survey findings show the increasing ease with which attackers are breaching the enterprise perimeter is eroding confidence in perimeter security, the company suggests.

Cyber attackers are continuing to breach perimeter security at an accelerated rate, notes the company statement, necessitating the need for businesses to assume that attackers are already inside their networks and focus on securing the access points to critical data and assets.

“Cyber attackers have repeatedly demonstrated the ability to disrupt national financial systems, cause harm to critical infrastructure and severely damage businesses and economies,” John Worrall, chief marketing officer of Cyber-Ark, says in the statement.

“To achieve their goals, outside attackers must steal the privileged credentials of an authorized user to gain the access necessary to meet their objectives. This level of threat requires a proactive approach to security that protects and monitors the access points to the critical data and assets that attackers are targeting,” Worrall adds.

Other findings from the survey include the following:

• 61% of respondents believe that government and legislative action can help protect critical infrastructure against advanced threats. In the United States, only 57% of respondents believe legislation will be an effective tool compared to 64% in Europe and 61% in APAC.
• 64% of respondents indicate they are now managing privileged accounts as an advanced threat security vulnerability. That said, 39% of respondents either do not know how to identify where privileged accounts exist or are doing so manually.
• 56% of respondents do not know what their cloud service providers are doing to protect and monitor privileged accounts.
• 25% of respondents felt they were better equipped to protect their confidential information than their cloud provider – and yet they still entrust the third party with their data.