Organizations must do more to keep up with the ever-growing volume of cybersecurity risks, according to recent research reports. And automation, orchestration and machine learning technologies could be the answer.
In this monthly roundup, eSecurity Planet summarizes findings from eight different research reports — and the key lessons that enterprises must learn to protect themselves against current and emerging risks.
- Accenture - Cost of Cybercrime Study
- CyberEdge - Cyberthreat Defense Report
- Deloitte - Future of Cyber Survey
- Experian - Data Breach Readiness
- FireEye - Mandiant M-Trends report
- SonicWall - Cyber Threat Report
- Venafi - Digital Certificate Availability
The Accenture 2019 Cost of Cybercrime Study, released on March 6, revealed that on average the cost of malware attacks for organizations was $2.6 million, an 11 percent year-over-year increase.
Accenture also found a big jump in the cost of malicious insider-related cyberattacks, up 15 percent to $1.6 million on average per organization. While the costs are rising, Accenture found that organizations are largely not deploying the right types of technology to help reduce cybercrime costs. Only 28 percent of organizations reported deploying automation, orchestration and machine-learning technologies.
"From people to data to technologies, every aspect of a business invites risk and too often security teams are not closely involved with securing new innovations," said Kelly Bissell, senior managing director of Accenture Security. "This siloed approach is bad for business and can result in poor accountability across the organization, as well as a sense that security isn't everyone’s responsibility."
Key takeaway: Integrate automation and orchestration technologies where possible to help improve security outcomes.
The sixth annual Cyberthreat Defense Report from the CyberEdge Group, released on March 26, found that the volume of security data is a top challenge for most organizations.
To address the data deluge challenge, over 90 percent of IT security organizations have invested in machine learning technologies to combat advanced threats. Overall, the volume of successful cyberattacks inched upwards to 78 percent of all surveyed organizations.
"Security analytics and machine learning could very well hit their stride in 2019," said Steve Piper, CEO of CyberEdge Group. "We surveyed our research participants on their intended cyber investments across a broad range of security technologies. Respondents identified 'advanced security analytics with machine learning' as the most-wanted security technology for the coming year."
Key takeaway: If you haven't yet invested in machine learning and data analytics for cybersecurity, it's time to get started.
Deloitte released its 2019 Future of Cyber survey on March 4, identifying gaps in how organizations are preparing for future challenges.
The idea of digital transformation is common across many organizations, yet Deloitte found that only 14 percent of cyber budgets are directed toward helping secure the transformation. Additionally, the idea of DevSecOps, where security is an integrated component of development and deployment, ranked low on the list of cybersecurity priorities organizations have outlined.
"As organizations embrace digital transformation and are shifting to the cloud, simplifying technology infrastructure and outsourcing workload to third parties, they are also expanding their cyber risk," said Emily Mossburg, leader of the Secure practice in Deloitte's cyber risk services. "Cyber will become more prolific across systems, platforms, and people — employees, customers, and partners — and enterprise leadership has to correlate all of that to stay ahead of the adversary and protect the organization's most valuable assets."
Key takeaway: Cybersecurity needs to be a board-level issue and a high priority for executive management.
Experian released its corporate preparedness study, "Is Your Company Ready for a Big Data Breach?" on March 4, revealing that only 36 percent of organizations are truly prepared for a data breach event.
One reason organizations feel unprepared is a lack of executive management engagement in plans for dealing with a data breach. Additionally, the complexity and proliferation of cloud services have reduced visibility and expanded the potential attack surface. Further adding to risk, Experian found that 53 percent of surveyed organizations don't have a cyber insurance policy that can help recoup expenses and cover damages in the event of a data breach.
"Prevention is the key, but if an incident occurs, swift management afterward will greatly minimize the damage," said Michael Bruemmer, vice president of Data Breach Resolution at Experian. "Organizations should implement a strong security posture, staying up to date with the latest attack threats, engage in pre-breach agreements with security partners and hold a practice drill every year with a dedicated response team."
Key takeaway: Have an incident response plan in place and be sure to have executive management participation in the process.
FireEye released its Mandiant M-Trends 2019 report on March 4, revealing a number of positive trends.
Among them is that organizations are getting better at discovering breaches faster, with an average dwell time (the time between the start of an intrusion and identification by defenders) in 2018 of 50.5 days, down from 57.5 days in 2017. While organizations are finding threats faster, FireEye also found that attackers are becoming increasingly persistent, repeatedly attacking the same targets.
"Our 2019 M-Trends report shows that no industry is safe from these threats, which is why it is positive to see breach response times improving across the board," said Jurgen Kutscher, Executive Vice President of Service Delivery at FireEye. "However, most attackers only need a few days inside an organization to cause costly damage so the battle on the front lines of cyber-attacks will continue for the foreseeable future."
Key takeaway: Be sure to have active threat hunting operations to rapidly identify threats to keep attacker dwell time to a minimum.
The 2019 SonicWall Cyber Threat Report was released on March 26, reporting a record high of 10.52 billion malware attacks in 2018.
The malware attacks were increasingly sophisticated as well, with 19.2 percent of malware attacks leveraging non-standard ports to exploit victims. There was also a 27 percent year-over-year increase from 2017 in the volume of encrypted malware attacks, as attackers increasingly seek to hide their malicious activities. Overall, SonicWall reported that in 2018, 391,689 new attack variants were identified.
"Cyber perpetrators are not letting up in their relentless pursuit to illegally obtain data, valuable information and intellectual property," said Bill Conner, President and CEO, SonicWall. "We must be unyielding in this cyber arms race."
Key takeaway: Don't be complacent and keep updating and upgrading cybersecurity technology to deal with new and emerging threat vectors.
On March 26, Venafi released the results of a study on the impact of digital certificate availability on business critical infrastructure.
The Venafi study found that 60 percent of surveyed organizations have been affected by a certificate-related outage in the last year. The challenge is that when a certificate expires and isn't renewed or is unavailable for some other reason, an entire service can become inaccessible. According to Venafi, the challenges of certificate management will only increase in the next five years, as nearly 80 percent of organizations estimate certificate use in their organizations will grow by 25 percent or more.
"Ultimately, companies must get control of all of their certificates; otherwise, it's simply a matter of time until one expires and causes a debilitating outage," said Kevin Bocek, vice president, security strategy and threat intelligence at Venafi. "CIOs need greater visibility, intelligence and automation of the entire lifecycle of all certificates to do this."
Key takeaway: Managing SSL/TLS and other key digital certificates requires more diligence and tracking than simply using a spreadsheet and calendar reminders.
Sean Michael Kerner is a senior editor at eSecurityPlanet and InternetNews.com. Follow him on Twitter @TechJournalist.