Mandiant Security Effectiveness Report 2020 Now Available
May 05 2020 - 8:00AM
Business Wire
Research reveals that a majority of attacks
successfully infiltrate enterprise environments without
detection
FireEye, Inc. (NASDAQ: FEYE), the intelligence-led security
company, today released the Mandiant® Security Effectiveness Report
2020 which reveals data about how well organizations are protecting
themselves against cyber threats and the overall effectiveness of
their security infrastructure.
This press release features multimedia. View
the full release here:
https://www.businesswire.com/news/home/20200505005192/en/
In the tests, 53% of attacks successfully
infiltrated environments without detection. (Graphic: Business
Wire)
The report summarizes the results of thousands of tests
performed by experts from the Mandiant Security Validation
(previously known as Verodin) team. The tests consisted of real
attacks, specific malicious behaviors, and actor-attributed
techniques and tactics run in enterprise-level production
environments representing 11 industries against 123 market-leading
security technologies -- including network, email, endpoint, and
cloud solutions. The report reveals that while organizations
continue to invest significant budget dollars in security controls
and assume that this means assets are fully protected, the reality
is that a majority of the tested attacks successfully infiltrated
the organizations’ production environments without their knowledge.
Additionally, the report includes guidance to help organizations
ensure that their security controls perform as expected by
implementing a strategy that includes continuous security
validation.
“Every organization wants reliable data that tells them if their
security investments are delivering real value and protecting them
from becoming the next major cyber-attack headline,” said Chris
Key, Senior Vice President at Mandiant Security Validation. “Our
research shows that while the majority of companies assume they’re
protected, the truth is that more often than not, they are exposed.
Using automated security validation integrated with the latest
threat intelligence and frontline expertise, we can help customers
validate the health of their infrastructure by testing against
threats that are most likely to target their organization. This
combination is not only a powerful defensive measure, but it also
helps companies prioritize investments where they will have the
most impact.”
A Snapshot of Security Effectiveness Challenges
In the tests, 53% of attacks successfully infiltrated
environments without detection. 26% of attacks successfully
infiltrated environments but were detected, while 33% of attacks
were prevented by security tools. Alerts for only 9% of attacks
were generated, demonstrating that most organizations and their
security teams do not have the visibility they need into serious
threats, even when they use central SIEM, SOAR and analysis
platforms.
In conducting its analysis, the Mandiant Security Validation
team observed that the most common reasons for poor optimization of
organizations’ security tools were:
- Deployed under default “out-of-the-box” configurations
- Lack of resources to tune and tweak post-deployment
- Security events not making it to the SIEM
- Inability to force controls testing
- Unexpected changes or drift in the underlying
infrastructure
The report also takes a deeper look into techniques and tactics
used by attackers and outlines the primary challenges most commonly
uncovered in enterprise environments through security validation
and conducting testing:
- Reconnaissance: In testing network traffic,
organizations reported only 4% of reconnaissance activity generated
an alert
- Infiltrations & Ransomware: 68% of the time,
organizations reported their controls did not prevent or detect the
detonation within their environment
- Policy Evasion: 65% of the time, security environments
were not able to prevent or detect the approaches being tested
- Malicious File Transfer: 48% of the time, controls in
place were not able to prevent or detect the delivery and movement
of malicious files
- Command & Control: 97% of the behaviors executed did
not have a corresponding alert generated in the SIEM
- Data Exfiltration: Exfiltration techniques and tactics
were successful 67% of the time during initial testing
- Lateral Movement: 54% of the techniques and tactics used
to execute testing of lateral movement were missed
In addition to the above insights and most likely underlying
causes of each issue, the Mandiant Security Effectiveness Report
2020 offers real-world examples that demonstrate the negative
impact these performance gaps have caused in various industry
sectors.
“Whether or not they realize it, organizations across all
industries need to combat the alarming reality that is revealed in
our Security Effectiveness Report,” Key continued. “The only proven
way to do that is through continuous validation of security
controls against new and existing threats, with technology that
automates the measurement of security effectiveness and provides
data efficacy of measured outcomes. Our report provides guidance on
how exactly to do that.”
To download a full copy of the Mandiant Security Effectiveness
Report 2020, including a list of the 10 fundamentals for successful
cyber security effectiveness validation, visit
https://www.fireeye.com/ser2020.
About Mandiant Solutions
The cyber landscape continues to grow in complexity as
adversaries become increasingly sophisticated and rapidly morph
their tactics. To outmaneuver motivated attackers, organizations
need continuous security validation technology powered by timely
and relevant intelligence. Mandiant Solutions, part of FireEye,
brings together the world’s leading Threat Intelligence and
front-line incident response data with continuous security
validation technology to arm organizations with the tools needed to
increase security effectiveness and reduce business risk while
protecting their reputation and economic value.
About FireEye, Inc.
FireEye is the intelligence-led security company. Working as a
seamless, scalable extension of customer security operations,
FireEye offers a single platform that blends innovative security
technologies, nation-state grade threat intelligence, and
world-renowned Mandiant consulting. With this approach, FireEye
eliminates the complexity and burden of cyber security for
organizations struggling to prepare for, prevent, and respond to
cyber attacks. FireEye has over 9,000 customers across 103
countries, including more than 50 percent of the Forbes Global
2000.
© 2020 FireEye, Inc. All rights reserved. FireEye, Mandiant and
Verodin are trademarks or registered trademarks of FireEye, Inc. in
the United States and other countries. All other brands, products,
or service names are or may be trademarks or service marks of their
respective owners.
View source
version on businesswire.com: https://www.businesswire.com/news/home/20200505005192/en/
Media Inquiries: Media.Relations@FireEye.com Investor Inquiries:
Investor.Relations@FireEye.com
FireEye (NASDAQ:FEYE)
Historical Stock Chart
From Mar 2024 to Apr 2024
FireEye (NASDAQ:FEYE)
Historical Stock Chart
From Apr 2023 to Apr 2024