sb-au logo
Story image

New report reveals key concerns of threat management pros in 2020

22 Apr 2020

Attivo Networks has today revealed the results of its research into the most significant concerns of top threat management and cybersecurity professionals, with the report indicating many of the concerns highlighted in the previous year's research have been exacerbated. 

User networks and endpoints are the biggest concern for 65% of survey respondents, an 11% increase from last year, according to the research released yesterday.

The increase, says Attivo, can be attributed to four factors:

  • The evolution of an increasingly perimeter-less environment
  • The sheer number of successful endpoint attacks
  • The rising cost per endpoint breach
  • Difficulties associated with quickly detecting a compromised system before an attacker can move laterally.

35% of respondents rated threats related to remoting working as an attack surface of concern – however, the survey was conducted before the COVID-19 pandemic struck, and Attivo expects this number to rise in future.

The report also found the cloud is a significant concern by 63% of respondents. 

It attributes this to the continued migration of companies to IaaS and SaaS services and the concerns cybersecurity professionals have about securing these broad attack surfaces and shared security models.

Reducing attacker dwell time, or the length of time from when a breach occurs and when an organisation detects the breach, is becoming more of a significant issue, according to the survey.

Nearly two-thirds (64%) of respondents indicated that 100 days of dwell time seemed accurate or was too low, up three percentage points from last year. 

In terms of dwell time, the most alarming statistic was the 7% jump year-on-year of respondents stating they were not tracking dwell time statistics.

Complementary security technology is seeing increased usage from last year. Respondents believe threat actors are most concerned about traffic analysis (44%), followed closely by deception technology and next-generation firewalls (both 40%), IDS (39%), SIEMs (37%), EDR/next-generation AV (27%), IAM (22%) and UEBA (15%). 

Deception technology is also being increasingly employed to close detection gaps and efficiently covering attack surfaces such as endpoint, cloud, and inter-connected OT environments.

Malware and ransomware attacks continue to be top of mind for cybersecurity and threat management professionals, with 66% of respondents putting these types of attacks at the top of their list of concerns, a 5% increase from last year.

Attivo says this result indicates that anti-virus, firewalls, and other prevention technologies still struggle to detect and stop attacks and that different detection solutions and/or organizations need more layers of defence to halt these attacks.

“Much of this year’s research indicates a continued demand for in-network detection that works reliably across existing and emerging attack surfaces and is effective against all attack vectors,” says Attivo Networks chief deception officer Carolyn Crandall.

“Reducing dwell time has also become an increased focus, as well as adopting technologies that detect attackers inside the network early and accurately. 

“A multi-layered strategy of complementary security controls that include new solutions like deception technology is proving to create the most effective control.”

Story image
Three steps to a security-driven network for a stronger security posture
As the threat landscape continues to evolve and organisations stand to lose so much if they fall victim to an attack, it’s essential to ensure that security measures evolve in line with the network itself.More
Story image
Microsoft, Facebook and PayPal most impersonated brands during phishing attacks
Microsoft has maintained its position as the brand most often found in phishing emails, followed by Facebook and PayPal.More
Story image
Palo Alto Networks adds more incentives to NextWave partner program
This latest launch brings a significant set of enhancements, incentives and training to the company’s NextWave Partner Program.More
Story image
Organisations investing significant time modifying web application firewalls to keep ahead of cybersecurity threats
"The sheer amount of traffic and potential threats can ensnare resources and impact the ability to introduce greater precision to those key systems."More
Story image
Palo Alto Networks turns attention to supporting remote workforces
"We’re working with more organisations to pivot their security architecture and move towards a cloud-delivered security model that can safely connect any user, to any application, from anywhere.”More
Story image
WatchGuard rolls out updates to bring greater security to MSPs
"WatchGuard Cloud’s continued evolution is lowering the barrier to entry for MSPs to add security to their portfolios and solidifying it as the management platform of choice for the security channel.”More