Overconfidence Among Financial IT ProfessionalsOverall, it would seem financial respondents are just as overconfident as the survey's general pool of IT professionals. Let's take a closer look. 87 percent of financial IT pros said they could remove an unauthorized device from the corporate network within minutes or hours. However, when asked about their ability to detect new assets, three-quarters of IT professionals in the financial sector said they could automatically discover at most 80 percent of hardware assets, and just over a third (37 percent) said their automated tools could discover critical details about unauthorized configuration changes to network devices.
"The majority of respondents aren't discovering all of the assets on their network automatically, but also indicate it takes only minutes or hours to discover new devices on the network," said Tim Erlin, director of IT security and risk strategy at Tripwire. "Either they have an overabundance of staff manually watching network traffic, or there's a gap that's open to attackers."
- Of those vulnerabilities that were found, 45 percent of them were not fixed within a month.
- 29 percent of respondents do not detect every attempt non-privileged users make to access sensitive files, and about the same proportion (33 percent) do not log to a central system.
- 40 percent of financial IT professionals said that fewer than 80 percent of patches succeed in a typical patch cycle.
ConclusionIgnorance and a narrow focus on compliance both stem from too many unknowns. To help address this challenge, Tripwire's senior security research engineer Travis Smith recommends that IT professionals everywhere--not just in the financial sector--invest some effort in proactively identifying what is currently installed on the network.
"The path to a mature security deployment is through visibility because you cannot protect what you cannot see. Understanding what you have and how you can potentially be compromised will allow the security team to focus on where attackers are likely to strike. The cost of being proactive is always less than the cost of being reactive. That is why it’s important to follow best practices outlined by various security controls."For more information on Tripwire's breach detection survey, please click here. You can view the survey's findings with respect to finance here. Title image courtesy of ShutterStock