FireEye Releases Mandiant M-Trends 2017 Report
Some of the key findings include:
- Organizations around the globe are becoming better at identifying breaches. The global median time from compromise to discovery has dropped significantly from 146 days in 2015 to 99 days in 2016.
- Attackers are more sophisticated than ever before. State-sponsored actors continue to set a high bar for sophisticated cyber attacks, but some financial threat actors have caught up -- making them difficult to detect, and challenging to investigate and remediate.
- An unexpected trend observed in 2016 is attackers calling targets on the phone. They did this to convince victims to enable macros in a phishing document, or to get targets to provide a personal email address to circumvent controls protecting corporate accounts.
- Defensive capabilities have been slow to evolve. A majority of both victim organizations and those working diligently on defensive improvements are still lacking fundamental security controls and capabilities to prevent breaches or minimize the damages and consequences of a compromise.
Organizations must adopt a posture of continuous cyber security, risk evaluation and defensive adaptation. If not, they stand to have significant gaps in both fundamental security controls and -- more critically -- visibility and detection of targeted attacks.
"The types of attacks we are seeing are familiar, but with increasing sophistication. Determined attackers are extremely persistent and demonstrate increasing ingenuity in achieving their objectives. Organizations still need to focus on the fundamentals of IT Security," said
Click here to download a full copy of the Mandiant M-Trends 2017 report.
News Provided by Acquire Media