4th of November 2019, London – Over one third (36%) of IT professionals say their organisations are more vulnerable to security threats now than they were five years ago, according to new research commissioned by Alsid, a cybersecurity software provider.
The research, carried out by YouGov in the UK, questioned 506 IT professionals working at companies with 50 or more employees. The results shine a spotlight on the current state of IT security and attitudes among security and IT professionals.
Spoiler alert: it’s not all good news, although it’s not all bad either. But while there are some seeming bright spots for IT pros in the results, some of the data may show a perception/reality gap in the minds of IT and security professionals.
For example, a combined 72% of respondents feel “fairly well” (44%) or “very well” (27%) prepared against enterprise-grade ransomware attacks. Jérôme Robert, CMO, Alsid, comments: “This confidence is nice to see, but unfortunately the everyday reality suggests a different story. I get the sense that if you asked all the companies which have recently been hit by ransomware if they were well prepared before those attacks, they would probably have said yes. So that confidence didn’t help them, in fact, it probably hurt them because maybe they weren’t asking the questions they could have been.”
Changing IT/security roles
Questioned about their own roles, 42% feel that their job has become more complicated in the last two years, but only 15% feel more empowered to make decisions today than before. With a nod to the fast-moving nature of IT and security, 16% admitted that keeping track of new updates and techniques to help prevent cyber threats has become more difficult.
Turning the focus to their organisations, when asked about preparedness for certain types of attacks, a combined 29% admitted to being “not very well” (22%) or “not at all well” (7%) prepared for insider threats – an attack perpetrated by someone within the organisation. This makes insider threats the highest-ranking threat in the category. In second place, 18% said their employer was “not very well” (13%) or “not at all well” (5%) prepared for an attempted “targeted data theft”. 14% of respondents said they were not prepared for DDoS attacks, and attacks which exploit suppliers’ (third-party) access ranked fourth, with 13% stating a lack of preparedness.
Securing the Active Directory
Ransomware attacks are just one of the many types of attacks that rely on compromising the Active Directory, which is sometimes forgotten as an element of an organisation’s IT security. Of organisations which have an Active Directory, the survey data shows that responsibility for Active Directory security is split between functions, with 27% of those IT professionals reporting that responsibility lies with the IT team, and 19% stating that the security team holds responsibility for Active Directory security. 16% of respondents said that their organisation employs an Active Directory security specialist.
But 24% said that they don’t know who is responsible for Active Directory security within their organisation – showing that sometimes this important function can fall through the cracks between IT and security teams.
Furthermore, just one in five (21%) IT professionals said they have followed security best practices by testing a complete Active Directory restoration successfully more than once, and then incorporating the findings into their cybersecurity policy.
16% of respondents whose organisations have an Active Directory stated that Active Directory security is not treated as a priority in their organisation, whereas 31% replied that AD security is a priority, but not a top priority. 26% said that Active Directory security is treated as one of the top priorities by their employer.
Jérôme Robert, Alsid CMO, continues: “The enhanced profile of cyber threats and attacks is driving changes at the heart of IT and security functions within businesses, and I don’t think anyone can say now that security isn’t taken seriously at a senior level within companies. So the good news is that we’ve come a long way already, but you only need to look at the news to see that there are still gaps in security which lead to things like massively expensive ransomware incidents.
“As a central part of all enterprise information systems, the Active Directory is now the primary target for large-scale attacks – particularly in medium and large enterprises,” adds Robert. “It’s positive to see that the perceived importance of AD security is now growing after years where it was left out in the cold and pretty much ignored. This led to it being seen as a soft target for cybercriminals, which is where we are today. So in a weird way, the popularity of the Active Directory as an attack vector is driving knowledge and awareness and forcing companies to act. Companies are also finding that AD protection is a valuable investment because of its broad applicability right across the kill chain, and its ability to disrupt many different types of attacks.”
Other statistics from the research include:
- 81% of respondents stated that preventing hackers from accessing the first computer within an organisation’s network is “very important”, with 15% agreeing it was “fairly important”
- 80% agreed that responding quickly after the attack succeeded in gaining entry was “very important”, and 16% said it was “fairly important”
- For companies with an Active Directory, when asked how often it was subjected to penetration testing, 13% of IT pros said less than once every two years, 19% said more than once per year, and 21% said pen-testing the AD happened once each year
Alsid’s solution strengthens companies’ infrastructure and detects attacks in real-time, preventing them from spreading across a network. Recent major cyberattacks either known or thought to have proliferated via the Active Directory include the Demant breach in Denmark, some 621 US public sector bodies, and over 50 US cities so far in 2019.
Alsid recently closed a $13m funding round, a record sum for a cybersecurity Series A round. The company will use the funds in part to accelerate Alsid’s expansion in Europe, Asia, and the US, and to build on its revenue growth of over 500% throughout 2018.
Companies which have already selected Alsid to improve their cybersecurity stance include Orange, Sanofi, and Sodexo Unibail-Rodamco. For more information on Alsid, please visit http://www.alsid.com.
Founded by cybersecurity experts, Alsid designs pragmatic solutions to effectively combat attack scenarios targeting the core of enterprise information systems. Aware of the ever-evolving threat environment, Alsid designed the first proactive product to ensure Active Directory security by identifying vulnerabilities before an attacker can exploit them. Today, Alsid protects more than 3 million users across numerous countries and helps large companies such as Orange, Airbus Helicopters, Sanofi, VINCI Energies, and Lagardère to protect against the most advanced targeted cyberattacks.