Wave Survey Shows Nearly Half of U.K. IT Pros Say their Networks Can’t Defend against Advanced Persistent Threats
Wave Systems Corp. (NASDAQ:WAVX; www.wave.com) announced today the results of a survey of enterprise network security professionals that reveals a lack of preparedness for Advanced Persistent Threats (APTs) at many firms. The focused survey also highlighted a general confidence and a false sense of security among network security managers and staff about the ability of IT defences to prevent cyber-attacks in the next year.
The Wave Systems’ State of Network Security Survey 2012 polled a representative group of 256 IT security managers, professionals, analysts and decision-makers in the United Kingdom this month (April).
It found that 43 per cent of respondents felt they did not have an effective detection system or defence to deal with APTs, sophisticated malware that penetrates device and network security software barriers before launching potentially devastating attacks to disable or destroy equipment, or to steal data. APTs can remain undetected over an extended time. The most notorious APT has been the Stuxnet virus, which targeted and damaged Iranian nuclear facility computers. Latest reports suggest the virus was introduced to the system through an infected memory stick.
Despite the large number of network security professionals indicating inadequate defences against APTs, most of them believe that their enterprise networks are effectively prepared to deal with cyber-attacks in the coming year. They were asked to rate their IT defences against security attacks on a scale of 1 to 10, which produced a mean score of 7.3. In other words, 73 per cent believed they had a system ranking between 7 and 10 on the effective security scale.
Greater Need for Port Control, Proof of Encryption
- Two-thirds (66 per cent) of respondents said they had data that could be vulnerable without total port control protection tools.
- 16 per cent indicated that they did not have security systems in place to prevent data loss through removable media.
- Regulatory compliance was another challenge highlighted by the survey. Around a third of respondents said they did not have the means to provide proof of encryption within 24 hours of data loss or theft of a laptop. Furthermore, 40 per cent said they were unaware that this requirement would be mandatory under the new European Union data regulations now being finalised.
Strong Majority See Benefits of Hardware Security for Authentication, Encryption
- There was an overwhelming majority of respondents (94 per cent) who acknowledged the benefits of open-industry standard, embedded-hardware security for device authentication and data encryption but at the same time, a quarter of security professionals indicated that their current network software could not manage and monitor the adoption of this form of security hardware.
- The study indicated that managing security in the Cloud is a significant challenge for network professionals, with 35 per cent of respondents advising that they had no proven and effective solution for managing multiple types of encryption in cloud-based services, for example Full-Disk Encryption, Self-Encrypting Drives and BitLocker for Windows.
- At the same time, around a third (30 per cent) also said they did not have a single system to manage the authentication of all devices on a network, i.e. PCs, laptops, notebooks, smartphones and tablets.
Joseph Souren, General Manager Wave Systems EMEA, says: “Our survey focused on new network security threats, regulatory compliance and the challenges presented by multiple devices and the Cloud. It indicates that there are definite gaps for many firms in both understanding of the growing cyber-threats and new strategies that enterprises must implement to be fully compliant with EU regulations.”
Note: The Wave Systems’ State of Network Security Survey 2012 was conducted online from April 13-18th by Redshift Research and polled a focused sample of 256 IT network security managers, IT security professionals and decision-makers in the UK.
"Our survey focused on new network security threats, regulatory compliance and the challenges presented by multiple devices and the Cloud. It indicates that there are definite gaps for many firms in both understanding of the growing cyber-threats and new strategies that enterprises must implement to be fully compliant with EU regulations."
Joseph Souren, General Manager Wave Systems EMEA
About Wave Systems
Wave Systems Corp. (NASDAQ: WAVX) reduces the complexity, cost and uncertainly of data protection by starting inside the device. Unlike other vendors who try to secure information by adding layers of software for security, Wave leverages the security capabilities built directly into endpoint computing platforms themselves. Wave has been a foremost expert on this growing trend, leading the way with first-to-market solutions and helping shape standards through its work as a board member for the Trusted Computing Group.
Safe Harbor for Forward-Looking Statements
This press release may contain forward-looking information within the meaning of the Private Securities Litigation Reform Act of 1995 and Section 21E of the Securities Exchange Act of 1934, as amended (the Exchange Act), including all statements that are not statements of historical fact regarding the intent, belief or current expectations of the company, its directors or its officers with respect to, among other things: (i) the company's financing plans; (ii) trends affecting the company's financial condition or results of operations; (iii) the company's growth strategy and operating strategy; and (iv) the declaration and payment of dividends. The words "may," "would," "will," "expect," "estimate," "anticipate," "believe," "intend" and similar expressions and variations thereof are intended to identify forward-looking statements. Investors are cautioned that any such forward-looking statements are not guarantees of future performance and involve risks and uncertainties, many of which are beyond the company's ability to control, and that actual results may differ materially from those projected in the forward-looking statements as a result of various factors. Wave assumes no duty to and does not undertake to update forward-looking statements. All brands are the property of their respective owners.