Peter Makohon, a senior manager at Deloitte, warned that companies lack the automated systems to analyze and contain compromised devices. Forty-one percent of those polled agreed with him, saying that they did not know how their organizations found compromised devices inside their network.
More than 40% of executives polled also said that unknown quantities such as embedded middleware in computers, applications and devices, and opaque security protocols used by suppliers, are the greatest cyber risks facing them today. Remote internet access to corporate systems was also considered a big threat.
Deloitte polled the executives during a session titled "Combating Cyber Threats from the Underground Economy: a View from the Front Lines." Two hundred seventy professionals took part in the real-time online survey, in positions ranging from upper management to consultant.
Sixty-two percent of respondents said that they did not know how their organization understands what data is leaving the company's network. That said, 14% confirmed that their organizations were using some form of data loss prevention.
Richard Baich, a principal in Deloitte's security and privacy practice, warned that targeted attacks against specific individuals in an organization were becoming a part of the threat landscape for purposes including espionage and financial gain.
"Companies should consider establishing cyber threat intelligence programs, as well as leveraging existing technology and architecture investments to help detect and prevent these problems," he advised.
Only 2.8% of the participants said that they did not need this type of program.