Despite billions spent on cybersecurity, companies aren’t truly safe from hacks

August 22, 2016

Last year, private sector companies globally spent more than $75 billion on security software to safeguard their systems and data.

That number is expected to grow about 7% annually, according to Gartner and other analyst firms. It doesn’t include all the massive amounts spent on fraud prevention by banks, a number that is widely underreported and expected to reach into the billions annually.

Has all that spending made private sector data and systems any safer? Is customer personal data any safer?

The general answer is no, according to many analysts, but that’s not necessarily because the latest software is considered ineffective.

As security software has grown more sophisticated in recent years, so have the bad guys. Data breaches have soared in the past two years. One of the worst emerging problems is ransomware, where hackers demand payment to return sensitive data they’ve stolen or locked up to the rightful owner.

In interviews, four analysts said cybersecurity is a huge challenge because the bad guys are getting smarter. In recent years, the smartest hackers have found ways around some existing security software, especially signature-based antivirus (AV) software. (Signature-based AV compares signatures of files on a system to a list of known malicious files, while the use of behavior-based AV is growing in popularity because it watches processes in a system for signs of malware and then compares those signs against known malicious behaviors.)

These analysts ticked off a list of concerns: Many companies aren’t yet deploying new approaches like security analytics to detect suspicious events. Security analytics refers to gathering and linking diverse kinds of security event data and using advanced techniques like machine learning or neural network models.) The growth of cloud computing has also put sensitive enterprise data outside the more secure data center. Sometimes workers inside companies aren’t properly monitoring their security software or setting up sufficiently protective cybersecurity policies.

Read full story…