sb-au logo
Story image

Attivo Networks highlights CISOs top concerns following move to remote working

Combating threats and attacks from a wide variety of attack types and surfaces has become the number one priority for CISOs, according to new research from MIT Sloan in participation with Attivo Networks.

The research titled The Cybersecurity Landscape: Challenges and How to Overcome Them, focused specifically on CISOs, CIOs and other security executives attitudes and responses during the COVID-19 pandemic, and shows that priorities have changed with the shift to remote working.

With more people working from home, attacks that disrupt services or use credential theft are top concerns, along with the need to protect cloud architectures and critical access resources like Active Directory, the study finds.

Furthermore, executives are prioritising security investments that help them fight disruption of service and ensure compliance.

A significant concern is ransomware, in part because business continuity and maintaining uptime are of utmost importance to keep operations running. In fact, nearly all respondents cited disruption/ransom as being their most significant concern.

Indeed, attackers are targeting items of high value to secure ransom payments and this is now driving the highest area of investment among respondents.

When asked about priorities to address in the next 12 months, more than 70% of the respondents chose detecting unknown and known attacks, detection across attack surfaces, and insider threats.

Compliance and regulatory requirements followed by cloud mitigation were the second and third ranked areas of concern driving security investments.

At the same time, ensuring supply chain partners are as secure as possible is increasingly vital to executives since their customers hold the company responsible for any breach, even if a supplier is responsible for it.

As a result, executives are increasingly seeking solutions that help them understand and minimise vulnerabilities from insider and supplier threats, the study shows.

Almost 80% of respondents listed Active Directory security as a top priority for attention and investment. Active Directory is a primary target for attackers since it gives access to so much of an organisations systems.

The survey also found that organisations have strong expansion plans for endpoint and remote site security due to the onset of remote working and the issues associated with VPN split-tunnelling.

Overall, businesses continue to struggle with reducing dwell time and their efficiency in responding to incidents. Recent reports still show average dwell time in days or months rather than minutes.

The majority of respondents value deception technology for its comprehensive threat detection, highlighting the technology's ability to detect any attack vector across any attack surface without relying on known behaviours or signatures. Following closely behind in value is deceptions ability to enable faster triage.

Traditional IPS/IDS and EPP/EDR tools rank highly. What is noticeable is that deception ranked as one of the top two or three detection tools for combating lateral movement, Advanced Persistent Threats (APTs), ransomware and insider threats. prevent those attacks.

Attivo Networks SVP of sales and customer success Sarah Ashburn, says, “Much of this year's research indicates a continued demand for in-network detection that works reliably across existing and emerging attack surfaces and is effective against all attack vectors.

“Our customers tell me that deception provides the easiest way to do gap analysis and in real-time see how dirty their network is. They also see the types of attacks present and the types of technologies needed to prevent those attacks.”

Story image
Ripple20 threat has potential for 'vast exploitation', ExtraHop researchers find
One in three IT environments are vulnerable to a cyber threat known as Ripple20. This is according to a new report from ExtraHop, a cloud-native network detection and response solutions provider. More
Story image
Report: 151% increase in DDoS attacks compared to 2019
It comes as the security risk profile for organisations around the world increased in large part thanks to the COVID-19 pandemic, forcing greater reliance on cloud technology and thrusting digital laggards into quick and unsecured migrations.More
Story image
Global attack volume down, but fraud and cyber threats still going strong
“The move to digital, for both businesses and consumers, has been significant. Yet with this change comes opportunity for exploitation. Fraudsters look for easy targets: whether government support packages, new lines of credit or media companies with fewer barriers to entry."More
Story image
The importance of selecting a secure SD-WAN solution
It’s essential to adopt a secure SD-WAN solution to avoid the risks that an unsecured SD-WAN solution can introduce, writes Wavelink managing director Ilan Rubin.More
Story image
ConnectWise launches bug bounty program to bolster cybersecurity strategy
“Crowdsourcing in this way represents a solid additional layer of security, and we clearly value the community's expertise and participation in helping us keep our products secure."More
Story image
Gartner: Security leaders must balance risk, trust and opportunity
Security and risk leaders must focus on balancing risk, trust and opportunity to help maintain the ability of their organisations to function.More