Privacy and personal identity could be impossible to protect: 3 in 4 cybersecurity professionals
Privacy and personal identity could be impossible to protect according to nearly three out of four cybersecurity professionals, a research report from Black Hat shows.
“Where Cybersecurity Stands” also shows that nearly 60 percent of respondents to the Black Hat Attendee Survey believe their organization will suffer a major breach within the next year, and most say they do not have the funding or staff to adequately defend against current and emerging threats.
From a list of 18 cybersecurity technologies, only encryption, multi-factor authentication tools, and firewalls are considered effective. Nearly 40 percent said that they consider passwords ineffective. Recent research from Blink and Trusona shows that most consumers would rather use multi-factor authentication than traditional usernames and passwords, and the growing adoption of WebAuthn specification offers the option of biometrics instead of passwords for web services.
Cybersecurity professionals are concerned about social media. Three in four respondents are at least limiting their use of Facebook, and 55 percent say they have advised internal users and customers to reconsider the data the share on the social media platform. Cryptocurrencies are viewed with similar scepticism, as more than 40 percent said that investing in cryptocurrencies such as Bitcoin is not a good idea.
Although regulations such as GDPR are supposed to address data protection and privacy concerns, 30 percent of cybersecurity professionals do not know if their organizations are compliant. More than a quarter do not believe it applies to them. This still represents a more positive view of GDPR preparedness by U.S. companies than a recent report from CompTIA showing that only 13 percent were fully compliant.
Survey respondents are also concerned about attacks from around the world, with 71 percent saying recent activity from Russia, China, and North Korea threatens U.S. enterprise data security, and only 13 percent believe that the White House and Congress understand cyber threats and will take action to defend against them. Almost 70 percent expect a successful attack on U.S. critical infrastructure, up from 60 percent a year ago, with more than 40 percent citing a large nation-state such as China or Russia as the greatest threat.