The 2013 Server Security Survey reveals that organizations are having increasing difficulty detecting and mitigating advanced attacks aimed at network servers, and that most are relying on technologies that are ineffective.
“It is alarming to see that in 2013, 92 percent of IT and security professionals still rely on old-fashioned security solutions—particularly antivirus—and only a quarter of those surveyed have deployed a new generation of server security that doesn’t rely on signatures and is much more effective at detecting and stopping advanced threats and targeted attacks,” said Bit9’s Nick Levay.
Key findings in the report include:
- 55 percent of security professionals were concerned about targeted attacks and data breaches on servers in 2013—up 3 percent from 2012, and up 18 percent from 2011.
- Only 13 percent of respondents are “very confident” in their ability to stop advanced threats targeting servers.
- 26 percent of respondents admitted their servers were hit by advanced malware, up 1 percent from 2012 and up 9 percent from 2011.
- 25 percent of respondents “don’t know” if they’ve been hit by a server attack, up 7 percent from last year.
- Only 3 percent of respondents said their virtual servers posed the highest risk. However, of those who administer an environment consisting of more than 75 percent virtual servers and who rated their virtual servers as having a “higher level” of security, 24 percent still admitted to being hit by advanced malware.
- 92 percent of respondents use signature-based antivirus software on their servers, despite AV’s inability to stop advanced threats and targeted attacks, while only 29 percent use a more effective new-generation security solution, such as application control or whitelisting.
“Another very interesting result is the response to the question about which types of servers pose the highest risk. More than half of respondents said Web servers. While it’s true Web servers may present the greatest risk of being compromised, the real risk that organizations must be aware of is which types of servers could cause the most damage to the business if they were breached,” Levay said.
“In that case it’s database and file servers because the data those machines contain is significantly more desirable to cyber criminals, hacktivists and nation-states.”
Read More Here…