By 2018, 40% of large enterprises will have formal plans to address aggressive cybersecurity business disruption attacks, up from zero in 2015, according to new research from Gartner Inc.
The firm defines aggressive business disruption attacks as targeted attacks that reach deeply into internal digital business operations with the express purpose of widespread business damage, said Paul Proctor, vice president and distinguished analyst at Gartner.
"Servers may be taken down completely, data may be wiped and digital intellectual property may be released on the Internet by attackers,” Proctor said. Organizations could be hounded by media inquiries for response and status, and government reaction and statements might increase the visibility and chaos of the attack, he said.
In addition, following such an attack, employees might not be able to fully function normally in the workplace for months, Proctor said. “These attacks may expose embarrassing internal data via social media channels, and could have a longer media cycle than a breach of credit card or personal data," he noted.
To combat these types of attacks, CISOs (chief information security officers) must pivot approaches from blocking and detecting attacks to detecting and responding to them, according to the report.
"Entirely avoiding a compromise in a large complex enterprise is just not possible, so a new emphasis toward detect and respond approaches has been building for several years, as attack patterns and overwhelming evidence support that a compromise will occur," Proctor said.
"Preventive controls, such as firewalls, antivirus and vulnerability management, should not be the only focus of a mature security program. Balancing investment in detection and response capabilities acknowledges this new reality."
Register or login for access to this item and much more
All Information Management content is archived after seven days.
Community members receive:
- All recent and archived articles
- Conference offers and updates
- A full menu of enewsletter options
- Web seminars, white papers, ebooks
Already have an account? Log In
Don't have an account? Register for Free Unlimited Access