Survey shows it takes almost 100 days for financial services organisations to identify advanced cyber threats

Issued by icomm for Exclusive Networks Africa
Johannesburg, 08 Oct 2015

Although financial services organisation are well aware that they are the targets of serious and advanced security threats, they struggle to identify attacks once they are inside their network. This is according to a new Ponemon Institute Survey, sponsored by Arbor Networks, a leading provider of DDOS and advanced threat protection solutions for enterprise and service provider networks, whose security products are exclusively distributed by Networks Unlimited in 18 countries throughout Africa.

Known as 'dwell' time, the average timespan it takes to identify these attacks is 98 days for financial services organisations. Despite these results, 58% of financial services organisations said they are not optimistic about their ability to improve these findings in the coming year.

This is alarming, considering the number of attacks targeting their networks - 83% experienced more than 50 attacks per month.

"The big takeaway from our research is that more investment is needed in both security operations staff and in security tools, which can help companies efficiently and accurately detect and respond to security incidents," says Dr Larry Ponemon, chairman and founder, Ponemon Institute. "The time to detect an advanced threat is far too long; attackers are getting in and staying long enough that the damage caused is often irreparable."

"It's time to find a better balance between technology solutions, usability, workflow and the people who use them. As security vendors, we need to help our customers so they can adapt to this new cyber security reality that balances the threats with the people who fight them every day," adds Bryan Hamman, territory manager for sub-Saharan Africa at Arbor Networks.

In the wake of high-profile mega breaches, the Ponemon Institute surveyed financial services organisations in North America and Europe, Middle East and Africa (EMEA) to better understand how they are dealing with attacks targeting their organisations.

The survey asked how organisations manage the explosion in advanced threats and DDOS attacks targeting their infrastructure; how effective (or not) their IT investments are; and how they are adapting incident response procedures and integrating threat intelligence for better visibility, insight and context.

Key findings among the financial services organisation surveyed are:

Advanced threats
* 71% view technologies that provide intelligence about networks and traffic as most promising at stopping or minimising advance threats during the seven phases of the Kill Chain;
* 45% have implemented incident response procedures; and
* 43% have established threat sharing with other companies or government entities.

DDOS attacks
* 55% consider DDOS attacks as an advanced threat;
* 48% "Strongly Agree" or "Agree" that they are effective in containing DDOS attacks; and
* 45% have established threat sharing with other companies or government entities to minimise or contain the impact of DDOS attacks.

Budgets and staffing
* 40% of budgets are allocated towards technology; 37% to staffing and 20% to managed services.

The financial services organisations surveyed included 844 IT and IT security practitioners in North America and in 14 countries in EMEA - only IT practitioners who are familiar with their companies' defence against cyber security attacks and have responsibility for directing cyber security activities within the company were selected to take part.

Ponemon Institute

Ponemon Institute is dedicated to advancing responsible information and privacy management practices in business and government. To achieve this objective, the institute conducts independent research, educates leaders from the private and public sectors, and verifies the privacy and data protection practices of organisations in a variety of industries.

Arbor Networks

Arbor Networks helps secure the world's largest enterprise and service provider networks from DDOS attacks and advanced threats. Arbor is the world's leading provider of DDOS protection in the enterprise, carrier and mobile market segments, according to Infonetics Research. Arbor's advanced threat solutions deliver complete network visibility through a combination of packet capture and NetFlow technology, enabling the rapid detection and mitigation of malware and malicious insiders. Arbor also delivers market leading analytics for dynamic incident response, historical analysis, visualisation and forensics. Arbor strives to be a "force multiplier", making network and security teams the experts. Its goal is to provide a richer picture into networks and more security context - so customers can solve problems faster and reduce the risk to their business. To learn more about Arbor products and services, please visit its Web site at arbornetworks.com. Arbor's research, analysis and insight, together with data from the ATLAS global threat intelligence system, can be found at the ATLAS Threat Portal.

Networks Unlimited

Networks Unlimited is a value-added distributor, offering the best and latest solutions within the converged technology, data centre, networking, and security landscapes. The company distributes best-of-breed products, including Arbor Networks, Arista, Aruba Networks, CensorNet, Centrify, Fortinet, F5, Riverbed, RSA, SimpliVity and Tintri. The product portfolio provides solutions from the edge to the data centre, and addresses key areas such as cloud networking and integration, WAN optimisation, application performance management, application delivery networking, WiFi, mobile and networking security, load balancing, data centre in a box, and storage for virtual machines.
Since its formation in 1994, Networks Unlimited has continually adapted to today's progressively competitive and evolving marketplace, and has reaped the benefits by being a leading value-added distributor (VAD) within the sub-Saharan Africa market.
www.nu.co.za

Editorial contacts