Is a state-sponsored cyber attack imminent?

InfrastructureThreat & Vulnerability Management
303 viewscircle icon7 Comments
Sort by:
Head of IT and Security in Finance (non-banking)3 years ago

It's already happening and it probably should be... not sure it would achieve It's purpose but at least it's a step 

Director of Information Security Operations in Consumer Goods3 years ago

Yes it is - there is no way around it - and its running as we speak 

CIO in Government3 years ago

I think 'imminent' is overly optimistic.  If you have anything of interest to them (depending on the threat actor --> some e.g. China -> Intellectual property, North Korea -> money, Russia -> influence, but of course, there are many possibilities) you should assume they are already in your network, in your building, amongst your employees.  The issue is that all cyber attacks are not going to look the same.  They're not going to overtly shut you down if they can sit and exfiltrate data instead.  They're not going to be loud when they are instead trying to silently influence or use you to infect through a supply chain.  

CISO in Software3 years ago

In many panels at the RSA Conference a few weeks ago, the speakers indicated that the risk of Russian GRU and SVB based attacks was imminent due to the sanctions leveraged against Russia.

Director in Manufacturing3 years ago

They have been occurring for years to steal intellectual property and information. And it won’t stop. Will it escalate into sabotage like the Colonial Pipeline…. Maybe but perhaps not until conventional skirmishes begin

Content you might like

Our organization is subject to data retention requirements over very long periods (50 years or more). Do your organizations face similar constraints? If so, what long-term retention strategy have you implemented for these regulated data, and what technologies or solutions do you use to ensure their durability and compliance?

Read More Comments

As organizations deploy LLMs and other AI systems, how do you recommend security teams address risks such as data leakage, prompt injection and adversarial manipulation? What frameworks or practices should be prioritized to make AI security programs resilient from day one?

Is footprinting an effective way to do vulnerability management?

Very effective1%

Somewhat effective52%

Slightly effective31%

Slightly ineffective8%

Somewhat ineffective3%

Not at all effective

Not sure yet1%

View Results

With Gartner highlighting the urgency of post-quantum cryptography (PQC), I would like to know if there are other members of the group already involved in the discussion or in the planning to face the threat of attacks like 'harvest-now, decrypt-later'?

Which role-based access is most important? (Select all that apply)

Read only19%

Limited admin (eg. Backup, infrastructure, cloud, storage, helpdesk, general)44%

Super admin45%

Security and governance29%

Manager access22%

Application owner26%

Department admin (eg. Finance, HR, operations)13%

Developer admin12%

QA admin9%

Service/support admin9%

Other/custom2%

View Results