According to research published by the Australian arm of US-based cyber security, risk, and compliance software company Nuix in its Black Report, there’s a huge gap between perception and reality in cyber security.
“You might think you’re well protected, but the people whose job it is to break in and steal your data think otherwise,” warns Chris Pogue, lead author of the report and Nuix’s head of Services, Security and Partner Integration.
“For example, most organisations invest heavily in perimeter defences such as firewalls and anti-virus, and these are mandatory in many compliance regimes, but most of the hackers we surveyed found these countermeasures trivially easy to bypass. If hackers can steal your data within a day, but you only find out it happened months later, you’re well on the way to becoming the next big news story.”
“Hackers can keep using the same attack techniques because they still work – if it ain’t broke, don’t fix it,” said Pogue.
“Again and again in the media, data breach victims claim they suffered unprecedented and highly sophisticated cyber attacks, but the reality turns out to be that someone didn’t do their job properly. In the recent Equifax case, it was simply an older system that hadn’t been patched.”
Pogue claims the report also shatters another common perception of cyber security, “that of the teenage hacker living in a basement”.
The report found that three-quarters of respondents were college graduates and nearly one-third (32%) had post-graduate degrees. The majority (57%) worked for medium-sized, large, or enterprise businesses.
“When organisations develop their cyber security strategies, they may have IT, legal, risk, and human resources teams at the table but the one person they never invite is the bad guy,” Pogue said. “It’s no wonder that so many security strategies are misdirected.
“The Nuix Black Report 2018 is an opportunity to bring the adversary to the table and have the hackers themselves tell you what’s most effective for your security efforts.”