Quarter of Breached Organizations Learn Through Third Parties
Cyber attackers are gaining access to valuable, sensitive data such as login and access credentials, according to the 3rd Annual SANS Endpoint Security Survey conducted by SANS Institute and co-sponsored by Guidance Software.
The data can be used to further compromise networks and gain access to sensitive information on employees, customers and company intellectual property and trade secrets, the study says. Other highly compromised data includes email files (28%) and sensitive customer or employee data (17%).
SANS surveyed 829 IT professionals with endpoints located around the world to explore how IT professionals monitor, assess, protect and investigate endpoints.
The survey results highlight the need for a more proactive approach to detecting threats and compromises. While 44% of respondents said that their endpoint systems have been compromised within the last 24 months, 15% reported that they didn’t know how many threats were detected through proactive hunting.
For the second year in a row, more than a quarter of respondents were notified of a breach by a third party.
“Cybercriminals are constantly looking for ways to infiltrate a company’s network to steal valuable data,” said Ken Basore, senior vice president of product engineering at Guidance Software. “The longer they remain undetected, the greater the damage they can inflict.”