New Research Reveals Need for Awareness Training, Detection and Remediation for Cyber Attacks

July 14, 2010
A new survey by the Ponemon Institute uncovered some sobering statistics about how today's IT professionals view their organizations' preparedness with regard to cyber threats. Consider this: Among the nearly 600 IT professionals polled, the vast ...

A new survey by the Ponemon Institute uncovered some sobering statistics about how today's IT professionals view their organizations' preparedness with regard to cyber threats.

Consider this: Among the nearly 600 IT professionals polled, the vast majority (83 percent) believe that their companies have been recently targeted by "advanced" cyber threats, and 41 percent feel that they are frequent targets.

But even so, a whopping 81 percent of those participating in the study said leadership at their companies lacked awareness of the seriousness of the business risks associated with these types of cyber attacks.

The survey, which was sponsored by NetWitness Corporation, defined "advanced" cyber threats as, "a methodology employed to evade an organization's present technical and process countermeasures, which relies on a variety of attack techniques as opposed to one specific type." And the results clearly indicate that there's a growing need for awareness training, attack detection and remediation about these kinds of attacks.

After all, according to the new research detection of advanced threats is low:

46 percent took one month or longer to detect an advanced threat.


45 percent discovered the attackers "by accident."


47 percent said they rely on either ad hoc activities or manual analysis to detect advanced threats.

In addition, the report illustrates the need for fundamental changes to the way companies approach advanced threat awareness and management:

81 percent felt that their leadership lacked awareness of the seriousness of the business risks associated with advanced threats.


Only 24 percent agreed that prevention or quick detection of advanced threats is a top security priority in their organization.
32 percent reported that their security-enabling technologies are adequate.


26 percent reported security personnel are adequate to deal with advanced threats.

"Information security is not a set-it-and-forget-it proposition," says Larry Ponemon, Chairman and Founder of the Ponemon Institute. "In our discussions with key stakeholders, it is obvious that while threats are evolving quickly, defenses continue to lag. More than 70 percent of organizations reported that advanced threats are evading traditional security stalwarts such as AV and IDS. The stakes could not be higher since nearly half of the sample group has lost critical business information as a result of a successful attack."

Popular Sponsored Recommendations

2022 Honeywell Industrial Cybersecurity USB Threat Report

April 19, 2023
New research reveals cyber threat levels remain dangerously high. Threats designed for USB exploitation rise to 52% and threats continue to become more prominent and more potent...

Why DataOps may be the key to unlocking the full potential of digital transformation

Nov. 3, 2023
Read the 2023 market survey conducted by IndustryWeek

Ecommerce Guide: How to Manage Order Volume Spikes

Oct. 2, 2023
Master the art of delivering a seamless ecommerce shopping experience! Learn how to streamline your operations to successfully manage seasonal sales order spikes.

Digitally Transforming Data and Processes With Product Lifecycle Management

Oct. 29, 2023
Manufacturers face increasing challenges in product development as they strive to consistently deliver improved results. Discover how industry leaders are improving time-to-market...

Voice your opinion!

To join the conversation, and become an exclusive member of IndustryWeek, create an account today!