By Calvin Biesecker
The defenses that organizations need against cyber attacks require integrated solutions pieced together from multiple vendors, the cyber security firm Narus says in a survey of security professionals released yesterday.
“Realizing that one company cannot possible offer technology and services to cover the vast needs among organizations, cyber security vendors must cooperate with each and form a ‘cyber security ecosystem’ and to offer more value to their customers,” says, Narus, which is a subsidiary of Boeing [BA]. “In an ecosystem, vendors interoperate with others in their ecosystem–such as combining the best of forensics, visualization, data mining and storage–in addition to their own cyber security solutions…By extending a vendor’s product set through partnerships, cyber security vendors add critical value to their product and provide the best possible system for network protection and management.”
The survey, which was conducted with security officials from a number of industries, finds that most companies believe that their Internet Service Provider should be primarily responsible for network security. In the survey, 74 percent of respondents expect their carriers to provide protection while 26 percent believe they can do a better job of it.
“While not part of this study, we believe the reasons for this expectation are because of resource constraints in most organizations, the relative scarcity of skilled personnel, and the lack of widely available tools to detect and mitigate sophisticated threats,” Narus says. “With a rise in the complexity and sophistication of attacks, the type of security tools that service providers deploy may well be a differentiator as customers begin to understand the real, devastating threats present in the cyber world.”
Narus specializes in real-time traffic intelligence. Its customers include telecom carriers worldwide such as Korea’s KT, Telecom Egypt, Britain’s Cable and Wireless, U.S. Cellular [USM] and more.
The survey also finds just about all–95 percent–respondents believe real-time cyber threat detection, analysis and mitigation is crucial to their organizations. On a scale of one to five, threat identification was the highest rated cyber security software need followed by network behavior analysis and advanced traffic monitoring.
Other findings in the survey include:
-
Over 90 percent of respondents believe cyber attacks are on the rise and that the types of attacks are becoming more sophisticated than just a year or two ago;
-
Just over 60 percent of respondents believe that software and technology exist today to handle attacks;
-
However, 73 percent believe their companies are not fully equipped to protect themselves from current and future cyber attacks;
-
And even more believe–88 percent–that U.S. government organizations are not fully equipped to protect against current and future cyber attacks.