71% of IT professionals can successfully hack any organisation, says Outpost24

Bob Egner, VP of Product at Outpost24

Outpost24, an innovator in identifying and managing cyber-security exposure, announced the results of a survey of 155 IT professionals, which revealed that 71% believe they can successfully hack any organisation using one of four common attack vectors, with social engineering being the most popular choice.

The survey, which was carried out at the RSA Conference in April 2018, asked respondents about the techniques they would use to hack an organisation and 34% revealed that would use social engineering, 23% said they would enter via insecure web applications, 21% said via mobile devices while a further 21% said they would enter via a public cloud. Survey respondents were also extremely confident in their attack vectors, with 71% saying they would be successful.

Commenting on the survey, Bob Egner, VP of Product at Outpost24, said: “Our study shows how confident IT professionals are that most of today’s organisations are not as secure as they might believe, and will be easy to attack. Hackers understand there are key areas of technology which organisations will often overlook in terms of cyber-security and they will target these weaknesses first.

A comprehensive security posture covers the full stack – network infrastructure, cloud environments, applications, mobile devices and even people. The study also demonstrates that once again people are viewed as the weakest link, so it is important that security teams understand the critical role they play in educating their staff on cyber-security issues.”

The study also asked respondents about their use of commercial clouds, like Amazon Web Services and Microsoft Azure. Findings revealed that 75% of respondents use a commercial cloud to host their organisation’s data. When respondents were asked if they use the same security in their cloud environment as they do to their owned assets or data centres, 41% said they did, 38% said they didn’t use the same security, while 22% were not sure.

“What many of the IT professionals are clearly not aware of is the evolving security requirements for cloud compared to on-premise environments. Security in the cloud is more around configurations rather than perimeter controls, which means that the tools and techniques an organisation uses to secure its on-premise data will be different from the tools they use in the cloud.

While some security vendors may recommend using traditional end-point security in the cloud, the reality is it won’t be as effective. Organisations should instead look to vendors that specialise in security in the cloud,” continued Egner.

For more insights into the study, download the full RSA survey report.

Comment on this article below or via Twitter: @IoTNow OR @jcIoTnow

Recent Articles

Laird’s BL653 modules support long-range BLE applications in harsh environments

Posted on: July 10, 2020

New Product Introduction (NPI) distributor, Mouser Electronics, Inc., is now stocking the BL653 Series of modules from Laird Connectivity.

Read more

Handy AV appoints Oram as CTO

Posted on: July 9, 2020

Handy AV has appointed Ben Oram as its chief technology officer (CTO). Handy AV is welcoming him to the team to develop and drive innovation for their cloud-based Blue River platform and range of digital retail products.

Read more