SANS 2017 Threat Landscape: highlights of the cyber threat survey

By Joseph Carson

The latest SANS 2017 Threat Landscape Survey has been released—the theme of the survey is ‘Users on the Front Line‘.

In summary, the survey results indicate that Endpoints and Users are on the front line in the battle against cyber threats. This reiterates Thycotic’s message that the traditional cyber security perimeter is no longer the firewall. Instead, it lies with digital identities, user devices and the data.

• “37% of respondents reported that calls to the help desk enabled them to discover their most impactful threats”

The top two active and significant threats against organizations are Phishing and Ransomware, which includes the recent WannaCry attack. DDoS replaced APTs as the third most significant threat—an unexpected surprise—which likely indicates that APTs got better at going undetected and staying hidden.

New risk: the introduction of malware-less threats.

New areas of risk include the introduction of malware-less threats that bypass traditional security controls, easily exploiting credentials, compromising exploits and dropping malicious binaries.

• “74% of respondents named clicking a link or opening an attachment in an email as the top ways threats enter the organization”

• “81% see endpoint security tools as the most helpful for threat detection”

• “81% noted log management tools and services were helpful in determining threat scope”

More key findings:

• “The top threat with significant impact was from phishing emails”
• “The top malware-less threat with significant impact was from Compromised Credentials”

The report also provides clarity around the sometimes confusing definition of a Data Breach versus a Security Incident—many incidents reported are false positives, and more than 50% of respondents reported the incident caused more of an annoyance rather than any significant impact.

To be clear: employees, endpoints and data are on the front line of cyber security, and the better they are protected the lower the risk of cyber attacks.

For more detailed information, the report can be found here:

Your privileged accounts are a favorite target of hackers.

Free Tool: Discover and secure ALL your Windows privileged accounts fast.

Source:: Thycotic