White & Black Hats Point Out Security Blind Spots
- 1 of
-
White & Black Hats Point Out Security Blind Spots
Both well-meaning and malicious hackers fess up to why they hack, and list the best data exfiltration strategies and the least effective security tools. -
Black Hat Versus White Hat
81% of survey respondents had worked in corporate IT in the past. Respondents were almost evenly split between white hats (52%) and black hats or other (48%). -
Hacking and Morality
Asked about the moral implications of hacking, 65% said they believe hacking is always good or always bad, and 35% said it is inherently neutral. -
Motivation for Hacking
Stealing data can be very lucrative, as evidenced by the fact that some white hat hackers leave their IT jobs to become black hats. 83% said money is the primary motivation for hacking. -
Least Effective Security Tools
Password-protected documents: 33%, Face recognition: 19%, Access controls: 16% -
Top Data Exfiltration Methods
Phishing: 59%, Malware: 26%, Physical theft: 6%, WiFi spoofing: 5%, Other: 4% -
Biggest Blind Spots
61% of the experts surveyed identified unmanaged devices as a critical security blind spot. Systems that are not up to date followed at 55%, and 36% named mobile devices as the third major blind spot. -
Need for Tools
These security vulnerabilities demonstrate the need for tools—such as cloud access security brokers—that maintain comprehensive, real-time visibility and control over data. -
Recommendation
Organizations should adopt real-time security solutions with comprehensive data protection across all devices and applications.
The majority of white hat and black hat hackers said phishing is the best data exfiltration strategy because human error and ignorance will always be exploitable, according to a new study from Bitglass, "Data Games: Security Blind Spots According to Experts." Malware and ransomware ranked second. The hackers also said password protection, facial recognition and access controls are the three least effective enterprise security methods. "Phishing and malware are threats made all the more potent by cloud adoption and the ease with which employees can share corporate data," said Mike Schuricht, vice president, production management at Bitglass. "Many security technologies fail to address IT's largest blind spots—unmanaged devices and anomalous access." The study concluded that "The fact that white hat and black hat hackers agree indicates the legitimacy of these security issues." It recommends that enterprises adopt real-time security solutions with comprehensive data protection across all devices and applications. An estimated 100 attendees of the Black Hat 2017 conference participated in the survey.