New Research Reveals Need for Awareness Training, Detection and Remediation for Cyber Attacks

July 14, 2010
A new survey by the Ponemon Institute uncovered some sobering statistics about how today's IT professionals view their organizations' preparedness with regard to cyber threats. Consider this: Among the nearly 600 IT professionals polled, the vast ...

A new survey by the Ponemon Institute uncovered some sobering statistics about how today's IT professionals view their organizations' preparedness with regard to cyber threats.

Consider this: Among the nearly 600 IT professionals polled, the vast majority (83 percent) believe that their companies have been recently targeted by "advanced" cyber threats, and 41 percent feel that they are frequent targets.

But even so, a whopping 81 percent of those participating in the study said leadership at their companies lacked awareness of the seriousness of the business risks associated with these types of cyber attacks.

The survey, which was sponsored by NetWitness Corporation, defined "advanced" cyber threats as, "a methodology employed to evade an organization's present technical and process countermeasures, which relies on a variety of attack techniques as opposed to one specific type." And the results clearly indicate that there's a growing need for awareness training, attack detection and remediation about these kinds of attacks.

After all, according to the new research detection of advanced threats is low:

46 percent took one month or longer to detect an advanced threat.


45 percent discovered the attackers "by accident."


47 percent said they rely on either ad hoc activities or manual analysis to detect advanced threats.

In addition, the report illustrates the need for fundamental changes to the way companies approach advanced threat awareness and management:

81 percent felt that their leadership lacked awareness of the seriousness of the business risks associated with advanced threats.


Only 24 percent agreed that prevention or quick detection of advanced threats is a top security priority in their organization.
32 percent reported that their security-enabling technologies are adequate.


26 percent reported security personnel are adequate to deal with advanced threats.

"Information security is not a set-it-and-forget-it proposition," says Larry Ponemon, Chairman and Founder of the Ponemon Institute. "In our discussions with key stakeholders, it is obvious that while threats are evolving quickly, defenses continue to lag. More than 70 percent of organizations reported that advanced threats are evading traditional security stalwarts such as AV and IDS. The stakes could not be higher since nearly half of the sample group has lost critical business information as a result of a successful attack."

Popular Sponsored Recommendations

Empowering the Modern Workforce: The Power of Connected Worker Technologies

March 1, 2024
Explore real-world strategies to boost worker safety, collaboration, training, and productivity in manufacturing. Emphasizing Industry 4.0, we'll discuss digitalization and automation...

3 Best Practices to Create a Product-Centric Competitive Advantage with PRO.FILE PLM

Jan. 25, 2024
Gain insight on best practices and strategies you need to accelerate engineering change management and reduce time to market. Register now for your opportunity to accelerate your...

Transformative Capabilities for XaaS Models in Manufacturing

Feb. 14, 2024
The manufacturing sector is undergoing a pivotal shift toward "servitization," or enhancing product offerings with services and embracing a subscription model. This transition...

Shifting Your Business from Products to Service-Based Business Models: Generating Predictable Revenues

Oct. 27, 2023
Executive summary on a recent IndustryWeek-hosted webinar sponsored by SAP

Voice your opinion!

To join the conversation, and become an exclusive member of IndustryWeek, create an account today!