Organizations face an increasing number of cybersecurity threats, taxing the ability of IT teams to protect their systems and networks. An understanding of the most common threats and sources of compromise enables them to focus their efforts and increase the odds of preventing a security breach.
To that end, the SANS Institute conducted a survey of more than 250 IT and security administrators, engineers, IT managers, developers, and privacy experts to assess the top threats, risks, and fears related to securing data assets and keeping networks secure. Here are key findings from the 2017 SANS Data Protection Survey report:
Organizations Face Multiple Threats to Data. The survey found that ransomware, insider threats, and denial of service (DoS) attacks are considered the top three threats faced by organizations. Overall, 78 percent of respondents have seen two or more different types of threats over the last 12 months, with 68 percent seeing the same threat types multiple times.
Data Exfiltration Is Common in Security Breaches. Almost half (48 percent) of those who sustained a breach report that the incident resulted in the exfiltration of sensitive data. The primary data transport vector was via an encrypted channel established by malware, while the secondary vector was email. Of those organizations experiencing a data breach, 43 percent encountered exfiltration of sensitive data through encrypted channels.
Hacking and Insider Attacks Are Almost Equally Common. Hackers and malware were the most common underlying causes of breaches of sensitive data, according to 41 percent of respondents. Insider compromise was the second greatest threat, according to 37 percent.
Lack of DNS Scanning Opens the Door to Threats. DNS-related attacks are increasingly common and can result in significant business disruption. While 42 percent of respondents said they conduct scans of their DNS infrastructures, only 19 percent conduct scans on at least a weekly basis, with a mere 9 percent scanning continuously. A majority of respondents (58 percent) do not utilize DNS-based detection techniques or are unaware of current efforts to do so.
Insufficient Resources Are the Greatest Cybersecurity Challenge. When asked about their organizations’ greatest obstacle when it comes to protecting sensitive data, 31 percent of respondents report lack of staffing and resources. In addition, 59 percent said they are using manual processes to identify sensitive assets, a practice that leaves their networks vulnerable to massively automated attacks.
The survey also found that 78 percent of organizations had encountered two or more threats to their data in the past 12 months, while 12 percent had experienced a security breach. User credentials and privileged account information represented the most common data types exposed in these breaches. Privileged account data is prized by attackers, more desirable than sensitive data targeted for financial gain or destruction. This drives home the fact that identity and access management plays an increasingly critical role in cybersecurity today.
Knowledge is power, particularly when it comes to security threats. Organizations with limited IT resources should take steps to protect against the most common forms of attack and ensure that user access credentials are carefully managed and secured.
For more information about Cybersecurity Threats, please send us an email at (firstname.lastname@example.org).