19 July 2017

Black Hat survey: US critical infrastructure in imminent danger


by Rachael Kalinyak

As of May 30, the Identity Theft Resource Center reported 698 major data breaches at different U.S. organizations. These numerous breaches represent over 10.2 million compromised records.

It is no secret that cybersecurity is in high demand. To gauge attitudes and plans of the industry’s most experienced, highly trained, top professionals, Black Hat conducted a survey. With a margin of error of +/- 4 percent, Black Hat found a clear and imminent threat to the safety of critical infrastructure within the next 24 months.

Out of the 580 top cybersecurity and information technology professionals surveyed, 60 percent believe the U.S. will experience a successful cyberattack on critical infrastructure within the next two years. Of the remaining 40 percent, 30 percent chose to remain neutral on the matter while 10 percent believed the U.S.’s cyber defense would prevent any such attack.

In addition, the survey identified the top security threats that professionals are worried about. Fifty percent of the individuals surveyed found the biggest threats to be phishing, social engineering and social network exploitation efforts and 45 percent were more worried about sophisticated and targeted attacks on an organization.

These threats are even more worrisome when assessed with the problems of the IT and cybersecurity industry, most notably the shortfall of trained cyber workers. With an expected shortfall of 1.8 million workers in the cybersecurity industry by the year 2022, many professionals indicated the lack of workers to be the biggest challenge. Without enough people, responding to threats quickly is difficult, if not impossible, and 71 percent of those surveyed indicated not having enough people to protect critical data.

The major concerns and priorities for cybersecurity and IT professionals are expected to change in two years. The current concern for attacks on the internet of things and other non-computer systems is ranked 10th. However, in two years, it is predicted to be the No. 1 concern. Plus, these concerns are well-founded, with continual research proving more and more vulnerabilities of non-computer systems.

No comments: