Naperville, IL – July 2, 2018 – Outpost24, an innovator in identifying and managing cyber-security exposure, today announced the results of a survey conducted at Infosecurity Europe, which looked at the attitudes of 269 IT professionals and revealed that UK organisations take a far more cautious approach to security than their US counterparts with 76 percent running security testing to understand their key assets and security exposure, in comparison to only 15 percent of US organisations.
The study also revealed that while 19 percent of UK respondents admitted that their organisation has at one time had to ignore a critical security incident because it didn’t have the skills or time to fix it, this was actually much better in comparison with US respondents. When Outpost24 carried out the same survey at RSA Conference in San Francisco in April 2018, an alarming 42 percent of IT professionals revealed they had ignored a security flaw they didn’t have the skills or time to address.
Respondents to the study were also asked what area of their IT estate they consider to be the least secure. This revealed 37 percent are most concerned about mobile devices, 35 percent are most concerned about their Internet of Things (IoT) devices, eight percent said cloud infrastructure and applications, a further eight percent said web applications while seven percent said data assets databases and shares. Owned infrastructure and data centres seem to cause the least concern, with only five percent saying they were least secure. These findings are also in stark contrast to Outpost24’s RSA study where survey respondents were most concerned about cloud infrastructure and applications (25 percent) and only 20 percent of respondents said they were most concerned about mobile devices, which is significantly lower than the results from Infosecurity Europe.
“Our study once again highlights that many security operations teams are struggling to keep up with the pace as which threats appear and increase in sophistication,” said Bob Egner, VP of products at Outpost24. “Unfortunately, in today’s threat landscape no attack is ever the same, cybercriminals are constantly evolving and updating their techniques in a bid to outsmart security teams and the products they use. However, ignoring a critical security incident should never be an option as this is only asking for trouble. The US regularly tops the list of most attacked countries so security professionals should be taking this threat very seriously and doing all they can to minimise their attack surface.”
The survey also asked IT professionals if they believe they could hack into any organisations using one of four common attack techniques. 77 percent of respondents said they could, which is slightly higher than respondents to Outpost24’s RSA survey results where 71 percent of respondents answered affirmatively.
In terms of attack techniques, social engineering was the most popular choice, with 63 percent of respondents selecting this option. Only 19 percent said they would choose to hack an organisation via insecure mobile devices, 14 percent said via insecure web applications while only four percent said they would infiltrate an organisation via their public cloud.
“Our survey results suggest that businesses are adding technology as a key element of their strategy but not preparing their security teams with the skills and resources to keep up. Hackers understand there are key areas of technology which organizations will often overlook in terms of cyber-security and they will target these weaknesses first. A comprehensive security posture covers the full stack - network infrastructure, cloud environments, applications, mobile devices and even people,” continued Bob Egner.
Notes to editor:
This study was conducted at Infosecurity Europe from June 5th – 7th and studied the attitudes of 269 attendees to the show.
Outpost24 is a leading Vulnerability Management company focused on enabling its customers to achieve maximum value from their evolving technology investments. By delivering insights that reduce vulnerabilities and attack surface for any architecture, Outpost24 customers continuously improve their security posture with low effort. Over 2,000 customers in more than 40 countries around the world trust Outpost24 to inspect their devices, networks, and web applications and report compliance status to government, industry sector, or internal regulations. Founded in 2001, Outpost24 serves leading organizations across a wide range of segments including financial and insurance, government, healthcare, retail, telecommunications, technology, and manufacturing.