Targeted attacks and data breaches are top concerns for companies, but confidence among IT professionals that they have the ability to stop them has fallen, according to a new survey from Bit9.
In the company’s third annual Server Security Survey, the company found that 55 percent of the nearly 800 IT pros surveyed consider targeted attacks and breaches their top concern, an increase of three percent compared to last year and 18 percent compared to 2011. However, 81 percent said they were either “somewhat confident” (59 percent) or “not confident” (22 percent) that they could stop advanced threats targeting their servers. That 22 percent figure is a two percent increase from 2012.
“Many businesses are still depending on antiquated endpoint security solutions like AV (antivirus) that simply don’t work, and the attackers continue to become more advanced,” said Nick Levay, chief security officer at Bit9. “The confidence level reflects that.”
Twenty-six percent of respondents admitted their organizations had been hit by advanced malware, an increase of one percent from 2012. Twenty-five percent said they don’t know if they had, up from seven percent from last year.
From a risk perspective, respondents said they were most concerned with Web servers (52 percent) and file servers ranked the highest. Database servers were cited by roughly 9.5 percent.
“We found this puzzling,” Levay told SecurityWeek. “We expected file servers and databases to be higher priority because they are most often where proprietary information resides. I think it’s a matter of how the respondents defined risk – risk of compromise, versus risk to the business. Web servers are often the most exposed, and for that reason pose the largest risk of compromise, while servers like databases pose the largest risk to the business if compromised.”
Virtual servers were ranked as the highest concern by less than three percent – something Bit9 argues is due to overconfidence in the security of virtual environments. To this point, nearly a quarter of those who administer an environment composed of more than 75 percent virtual servers said they had been hit by advanced malware.
“There’s nothing about virtual servers that makes them inherently more secure than physical servers. In fact, the contrary is true,” Levay said. “Virtual servers have a larger threat surface, because in addition to the servers themselves being targets, the hypervisors they run on are targets as well. It’s unclear where this perception comes from. It’s probably a combination of believing something is more secure because it’s easier to manage and simply because it’s newer. Neither (is) true.”
