60% InfoSec Say Cyberattack on US Critical Infrastructure Within 2 Yrs

The majority of the cybersecurity industry’s most experienced information security professionals, believe that a major breach of U.S. critical infrastructure will occur within the next two years, and don’t believe current U.S. defense and government agencies are prepared to respond.

These findings are among the data published today in Portrait of an Imminent Cyber Threat, a survey of nearly 600 cybersecurity professionals.

Black Hat
Black Hat USA 2017 Arsenal: Independent researchers and the open source community will showcase their latest open-source tools and products! 

The report, which summarizes the results from the third annual Black Hat Attendee Survey, offers feedback from top enterprise information security professionals on a wide variety of issues, including cyber threat risks, the Trump administration’s cyber policy, nation-state attacks, and the dangers faced by U.S. enterprises.

Black Hat is the most well-known and established conference of cybersecurity researchers and enterprise information security professionals.

Many of the attendees are the IT security leaders in their respective organizations, and approximately 40% of the survey respondents work in critical infrastructure industries, including utilities, health care, financial services, and government.

Is the U.S. Safe from a Breach Under the Trump Administration? 

  • Only 26% of those surveyed are confident that the U.S. government and defense forces are equipped and trained to respond appropriately to an oncoming attack
  • 47% said the Trump administration’s impact on cyber defense will be negative
  • 26% believe it would be positive, and
  • 27% were neutral

What is Making the U.S Less Secure? 

Recent state-sponsored cyber attacks related to the U.S. elections, cyber espionage on U.S. corporations and the WannaCry ransomware worm have eroded IT security professionals’ confidence in critical infrastructure security.

  • Nearly 70% of respondents said that recent activity from Russia and China has made U.S. enterprise data less secure, and
  • More than 60% believe corporations should develop special online defenses to protect their critical data from state-sponsored hacking

What Role is WikiLeaks Playing in Government and Corporate Operations?

Attackers’ growing use of WikiLeaks to publish stolen information has also diminished the community’s trust in the nation’s ability to defend itself.

Instances including the hack of Democratic National Committee emails and Shadow Brokers’ reveal of CIA hacking tools has solidified WikiLeaks as a frequent outlet for information exposure, so much so that more than 60% of Black Hat survey respondents said they believe WikiLeaks is impacting the way corporations and government agencies conduct operations.

Support of the use of WikiLeaks is still split among today’s professionals:

  • More than 30% oppose the work done by WikiLeaks
  • 31% favor it, and
  • 37% remain neutral

The InfoSec Community’s Warning

With new findings related to cybersecurity on the national front emerging, it is also apparent that the issues highlighted by security professionals on the enterprise side since 2015 are still not being addressed.

Nearly 70% of respondents remain concerned they’ll experience a breach within their own enterprises in the next year and those concerns still stem from the same issues highlighted in Black Hat’s 2015 and 2016 reports:

  • Shortage of skilled security professionals
  • Lack of prioritization from upper management
  • Security budgets and spending, and more.

These findings make it apparent that government and business leaders need to put forth greater effort to secure today’s defenses and prioritize security among their initiatives.

Additional Key Findings

  • 36% of those surveyed believe the increased use of ransomware remains the most serious new threat faced by cybersecurity professionals
  • 50% cited phishing and social engineering as their greatest concerns, while 45% fear sophisticated attacks targeted directly at their own organizations
  • Nearly 70% of respondents say they do not have enough staff to meet the threat of a major security breach in the next 12 months, and
  • Nearly 60% feel they do not have adequate budgets

Portrait of an Imminent Cyber Threat

These survey results call for immediate attention on the current state of the nation’s defenses, as well as a greater focus on security from government officials and business leaders.

For actionable insights and more information related to these critical industry trends and findings, download a copy of Portrait of an Imminent Cyber Threat, here: www.blackhat.com/latestintel/07062017-july-6-2017-attendee-survey.html

Black Hat USA 2017: July 22 – 27, Las Vegas

On the heels of this new industry research, Black Hat will host some of the brightest minds in the InfoSec community at Black Hat USA 2017.

Black Hat USA 2017The event will feature a robust educational program, spanning everything from smart grid and critical infrastructure vulnerabilities to mobile attacks, applied security, machine learning, and more.

The event will take place July 22 – 27 at the Mandalay Bay Convention Center in Las Vegas.

Learn More. On 16 April 2013, just before 1AM, intruders lifted the heavy cover of a telecom underground utility vault near the Metcalf power substation just south of San Jose, CA…

CEL Competes in 2017 ASTORS Homeland Security Awards (Video)

 And More…

IACIPP on Call to Protect ‘Critical Infra’ from Terror Attacks (Video)