Nearly 70 Percent of IT Professionals Experience Phishing Attacks Once a Week: HP Report

Add Your Comments

Sixty-nine percent of IT professionals experience a phishing attack once a week or more, according to a recent HP TippingPoint survey. The August State of Network Security survey also showed that of attacks from within the network perimeter, 7 out of 10 come from a malware-infected host.

Further, as 6 out of 10 attacks stem from the command and control site, both the core and the perimeter of corporate networks are potential attack vectors, and need adequate security.

The results generally reflect those of a July study which indicated malware and spam both represent major security concerns. A study of Swedish businesses published last week indicated widespread malware and breaches.

HP TippingPoint and Ipsos Observer surveyed 205 IT professionals from medium-sized and large enterprises in early July 2014.

“Organizations are increasingly challenged to protect their networks from advanced targeted attacks, in fact, it is likely that most environments have already been breached with systems infected by malware,” Frank Mong, vice president, Solutions, Enterprise Security Products, HP said. “It’s important that IT professionals understand how attackers are trying to break through the network, and have confidence in their ability to mitigate attacks when every second matters.”

Recommendations from the survey include recognition of the continuing importance of layered security and firewalls that include application security solutions. The survey notes the use of Intrusion Prevention Systems, next generation firewalls, sandboxing, and SIEM products to secure networks.

Given the threat landscape picture the survey provides, it is not surprising that over 60 percent of respondents expect their network security costs and budgets to increase over the next year.

Although file-sharing was a concern for over half of respondents, BYOD is a major concern for just 40 percent, less than external threats, data center and endpoint security. This may reflect success through multi-factor authentication or Network Access Control technologies.

Add Your Comments

  • (will not be published)