GO
Loading...

Mistakes businesses are still making in cyberspace

After hackers pulled off major data breaches at Target and Barclays, consumers and employees have been left wondering about computer security at all companies.

"Attackers are very sophisticated, and these are now very well-planned attacks," said Leo Cole, general manager for security solutions at Trustwave, a cybersecurity company. Hackers are after specific data and may first compromise the systems of a company's suppliers to gain access to the network of their prime target.

Trustwave released a survey Tuesday of more than 800 information technology professionals from around the world, and the findings suggest that companies are still not doing what they should to secure their intellectual property and customer data.

(Read more: Krebs on security reports from the Web underbelly)

Four out of five pros surveyed said they felt pressured to unveil projects before all the security bugs are out—and money is often the driver of the hurry-up attitude, according to Cole.

"Security is seen as something that will slow projects down, so they will roll those projects out initially without security," he said.

Such pressure may have played a role in the breach of Target's payment terminals, which were being upgraded in time for the busy shopping period. Its own employees express concerns about security vulnerabilities months before, according to the The Wall Street Journal.

At some businesses, bosses put too much faith in the cloud. Though virtual storage offers savings and flexibility, Cole said, it also comes with security issues.

Companies need to ensure that "they're getting advice on how to move into the cloud in a secure fashion," he added.

Diane Macdonald | Stockbyte | Getty Images

(Read more: From 'Kitten' to 'Panda': Dangerous hacker groups)

But companies' worst error could be complacency.

The results of the Trustwave survey indicate that businesses have blinders on about cybersecurity, as 73 percent of the respondents believe their organization is safe from threats.

Another recent report found similar problems.

A survey released in January by cybersecurity firm Stroz Friedberg found that 87 percent of senior managers regularly upload work files to a personal e-mail or cloud account. It also found that nearly half of U.S. workers grade the corporate response to cyberattacks C or lower. In addition, 73 percent of office workers are concerned that a hacker could steal their personal information from their employer.

(Read more: Cybercrime may cost US economy $100 billion, says new study)

On the positive side, cybersecurity is now seen as being more of a priority at the highest levels of the corporation.

(Read more: US unveils measures to avoid 'cyber Pearl Harbor')

In Trustwave's survey, 62 percent of respondents said the pressure to stop breaches has risen from last year, and 50 percent said they feel the most pressure coming from the board or C-suite.

By CNBC's Jennifer Schlesinger. Follow her on Twitter @jennyanne211

For more CNBC coverage of cybersecurity, visit HackingAmerica.cnbc.com.

Symbol
Price
 
Change
%Change
TGT
---
BARC
---

Featured

  • CNBC's senior correspondent and lead investigative reporter, Scott Cohn also appears on "NBC Nightly News with Brian Williams," "Today" and on MSNBC.

  • “Squawk on the Street” Co-Anchor

  • CNBC Washington Reporter

Investigations Inc.: Cyber Espionage

  • When a person enters information on a website, like an email or credit card, it gets stored in that company’s data base. Those web-based forms are a simple tool for users, but they are also another way hackers can exploit a company’s system. Instead of inputting a name into the website, cyber spies can put in a specially crafted text that may cause the database to execute the code instead of simply storing it, Alperovitch said. The result is a “malicious takeover of the system,” he said.

    By attacking business computer networks, hackers are accessing company secrets and confidential strategies and creating huge losses for the overall economy.

  • China is working feverishly to counteract its slowest GDP growth in recent years, and one of the ways it’s doing so, say U.S. officials, is through the theft of American corporate secrets.

  • US businesses are enduring an unprecedented onslaught of cyber invasions from foreign governments, organized crime syndicates, and hacker collectives, all seeking to steal information and disrupt services, cybersecurity experts say.

Technology

Technology Explained