90 per cent of IT security professionals concerned by compromised credentials
13 January 2016 |
Nine in ten IT security professionals are worried by the threat posed by potentially compromised login credentials, new research has found.
90 per cent of organisations said they were worried by the security risk posed by compromised user credentials, research from data solutions firm Rapid7 has revealed.
Despite this, nearly two thirds of IT professionals said they received more alerts regarding compromised credentials than they could feasibly keep track of or investigate.
Lee Weiner, Rapid7’s vice president of products and engineering, said that security pros often struggled to pick up on incidents because the monitoring solutions available to them fail to provide them with the information needed to make quick decisions.
The firm argues that maintaining IT security is more challenging than in the past due to expanding network perimeters that allow employees to work from multiple locations, platforms and devices, in addition to temporary access granted to partners and contractors.
The wide territory security professionals are expected to cover and the high volume of alerts are leaving many companies impotent in the face of security threats, Weiner warns.
“This lack of understanding – or context – is causing massive alert fatigue and leaving companies unable to effectively detect the most used attack method today: compromised credentials,” he said.
Phishing attacks and stolen credentials have been the leading attack vector for the last five years, according to Verizon’s 2015 Data Breach and Investigations Report.
Intruders within retail organisations traditionally remain undetected for an average of 197 days, while those who infiltrate financial services organisations go unnoticed for an average of 98 days after breaching the network.
Additionally, preventative solutions are inadequate in the face of compromised user credentials, as they cannot mitigate the risks posed by phishing attacks or stolen login details.
The report also found that 43 per cent of respondents planned to increase spending on incident response measures in 2016.
However, as many as 40 per cent said they had no visibility into users or risks, with a similar number saying issues frequently went unresolved because there were “too many alerts” or because of “investigations taking too long”.
Global security strategist Trey Ford talked to Infosecurity about the survey’s results, concluding that the behaviour of IT pros signals a shift to a more proactive security stance.
“It isn’t about prepare and prevent, it is about detect and respond,” he said.
In addition to compromised credentials and phishing attacks, Rapid7 said that malware continued to be a serious threat to the majority of organisations.
The full report is available from Rapid7’s website.