

Gloomy cyber forecast from Black Hat

What: Portrait of an Imminent Cyberthreat: 2017 Black Hat Attendee Survey

Why: At one of the largest gatherings of cybersecurity professionals, attendees voiced their concerns about an attack on the nation's critical infrastructure and enterprise vulnerabilities. “The combination of increased nation-state hacking, a lack of cyber preparedness in government, and the availability of sites that publish stolen data, including WikiLeaks, is a recipe for concerns about an imminent, successful cyberattack on US infrastructure,” the survey said.

Findings: Sixty percent of nearly 600 respondents, 40 percent of whom work in critical infrastructure, said they believe a successful cyberattack on U.S. critical infrastructure will happen in the next two years. Only 26 percent of those same security professionals are confident that U.S. government and defense forces are equipped and trained to respond appropriately to such an attack.

The White House is not building confidence in IT professionals, either. Nearly half of those surveyed thought the new administration would have a negative impact on cybersecurity policy, regulation and law enforcement; only 26 percent thought the impact would be positive.

Although ransomware was cited by 36 percent of respondents as the most serious cyber threat to emerge in the past year, half of the security experts were especially worried about the threat posed by phishing, social network exploits, or other forms of social engineering. That was followed by sophisticated attacks targeted directly at the organization at 45 percent and accidental leaks at 21 percent. End users who violate security policies and are too easily fooled by social engineering attacks were considered the weakest link in enterprise IT defenses.

While social engineering attacks remain the leading concern today, respondents said that the No. 1 future worry is internet-of-things security.

Dealing with these phishing attacks was considered by 35 percent as their most time-consuming task. Managing their organization's security posture and keeping in compliance with industry and regulatory guidelines rounded out the top three most time-intensive tasks for security pros.

Read the full report here.

About the Author

Matt Leonard is a former reporter for GCN.

