Losing the cyber security war, more organizations beefing up detection efforts
The battle to keep cyber attackers from successfully compromising networks is not working, according to a recent report by threat detection company Attivo Networks.
The company surveyed more than 450 cyber security professionals worldwide from August to December 2018, and more than half of the respondents reported that 100 days of dwell time or more was representative of their organization, while nearly half indicated that their mean time to detection was plateauing or increasing.
Malware and ransomware (cited by 61 percent) topped the list of security concerns, despite available anti-virus, firewall, and other prevention technologies. Also mentioned as concerns were credential theft (52 percent) and targeted attacks (50 percent).
The survey also reinforced that the security battle is now shifting inside the network, with 23 percent of respondents reporting that they are now spending more on detection than prevention security controls.
One of the most interesting findings, according to the report, was that respondents felt that attackers are most concerned about threat deception technology (55 percent) and next-generation firewalls (NGF)/intrusion detection systems (56 percent). This would indicate that these tools are viewed as an effective way to detect and stop known threats, it said.