Dubai, UAE: – FireEye, Inc. (NASDAQ: FEYE), the intelligence-led security company, today released the Mandiant® Security Effectiveness Report 2020 which reveals data about how well organizations are protecting themselves against cyber threats and the overall effectiveness of their security infrastructure.
The report summarizes the results of thousands of tests performed by experts from the Mandiant Security Validation (previously known as Verodin) team. The tests consisted of real attacks, specific malicious behaviors, and actor-attributed techniques and tactics run in enterprise-level production environments representing 11 industries against 123 market-leading security technologies -- including network, email, endpoint, and cloud solutions. The report reveals that while organizations continue to invest significant budget dollars in security controls and assume that this means assets are fully protected, the reality is that a majority of the tested attacks successfully infiltrated the organizations’ production environments without their knowledge. Additionally, the report includes guidance to help organizations ensure that their security controls perform as expected by implementing a strategy that includes continuous security validation.
“Every organization wants reliable data that tells them if their security investments are delivering real value and protecting them from becoming the next major cyber-attack headline,” said Chris Key, Senior Vice President at Mandiant Security Validation. “Our research shows that while the majority of companies assume they’re protected, the truth is that more often than not, they are exposed. Using automated security validation integrated with the latest threat intelligence and frontline expertise, we can help customers validate the health of their infrastructure by testing against threats that are most likely to target their organization. This combination is not only a powerful defensive measure, but it also helps companies prioritize investments where they will have the most impact.”
A Snapshot of Security Effectiveness Challenges
In the tests, 53% of attacks successfully infiltrated environments without detection. 26% of attacks successfully infiltrated environments but were detected, while 33% of attacks were prevented by security tools. Alerts for only 9% of attacks were generated, demonstrating that most organizations and their security teams do not have the visibility they need into serious threats, even when they use central SIEM, SOAR and analysis platforms.
In conducting its analysis, the Mandiant Security Validation team observed that the most common reasons for poor optimization of organizations’ security tools were:
- Deployed under default “out-of-the-box” configurations
- Lack of resources to tune and tweak post-deployment
- Security events not making it to the SIEM
- Inability to force controls testing
- Unexpected changes or drift in the underlying infrastructure
The report also takes a deeper look into techniques and tactics used by attackers and outlines the primary challenges most commonly uncovered in enterprise environments through security validation and conducting testing:
- Reconnaissance: In testing network traffic, organizations reported only 4% of reconnaissance activity generated an alert
- Infiltrations & Ransomware: 68% of the time, organizations reported their controls did not prevent or detect the detonation within their environment
- Policy Evasion: 65% of the time, security environments were not able to prevent or detect the approaches being tested
- Malicious File Transfer: 48% of the time, controls in place were not able to prevent or detect the delivery and movement of malicious files
- Command & Control: 97% of the behaviors executed did not have a corresponding alert generated in the SIEM
- Data Exfiltration: Exfiltration techniques and tactics were successful 67% of the time during initial testing
- Lateral Movement: 54% of the techniques and tactics used to execute testing of lateral movement were missed
In addition to the above insights and most likely underlying causes of each issue, the Mandiant Security Effectiveness Report 2020 offers real-world examples that demonstrate the negative impact these performance gaps have caused in various industry sectors.
“Whether or not they realize it, organizations across all industries need to combat the alarming reality that is revealed in our Security Effectiveness Report,” Key continued. “The only proven way to do that is through continuous validation of security controls against new and existing threats, with technology that automates the measurement of security effectiveness and provides data efficacy of measured outcomes. Our report provides guidance on how exactly to do that.”
To download a full copy of the Mandiant Security Effectiveness Report 2020, including a list of the 10 fundamentals for successful cyber security effectiveness validation, visit https://www.fireeye.com/ser2020
-Ends-
About Mandiant Solutions
The cyber landscape continues to grow in complexity as adversaries become increasingly sophisticated and rapidly morph their tactics. To outmaneuver motivated attackers, organizations need continuous security validation technology powered by timely and relevant intelligence. Mandiant Solutions, part of FireEye, brings together the world’s leading Threat Intelligence and front-line incident response data with continuous security validation technology to arm organizations with the tools needed to increase security effectiveness and reduce business risk while protecting their reputation and economic value.
About FireEye, Inc.
FireEye is the intelligence-led security company. Working as a seamless, scalable extension of customer security operations, FireEye offers a single platform that blends innovative security technologies, nation-state grade threat intelligence, and world-renowned Mandiant consulting. With this approach, FireEye eliminates the complexity and burden of cyber security for organizations struggling to prepare for, prevent, and respond to cyber attacks. FireEye has over 9,000 customers across 103 countries, including more than 50 percent of the Forbes Global 2000.
© 2020 FireEye, Inc. All rights reserved. FireEye, Mandiant and Verodin are trademarks or registered trademarks of FireEye, Inc. in the United States and other countries. All other brands, products, or service names are or may be trademarks or service marks of their respective owners.
Media Inquiries:
Komal Mishra
Komal@activedmc.com
© Press Release 2020
Disclaimer: The contents of this press release was provided from an external third party provider. This website is not responsible for, and does not control, such external content. This content is provided on an “as is” and “as available” basis and has not been edited in any way. Neither this website nor our affiliates guarantee the accuracy of or endorse the views or opinions expressed in this press release.
The press release is provided for informational purposes only. The content does not provide tax, legal or investment advice or opinion regarding the suitability, value or profitability of any particular security, portfolio or investment strategy. Neither this website nor our affiliates shall be liable for any errors or inaccuracies in the content, or for any actions taken by you in reliance thereon. You expressly agree that your use of the information within this article is at your sole risk.
To the fullest extent permitted by applicable law, this website, its parent company, its subsidiaries, its affiliates and the respective shareholders, directors, officers, employees, agents, advertisers, content providers and licensors will not be liable (jointly or severally) to you for any direct, indirect, consequential, special, incidental, punitive or exemplary damages, including without limitation, lost profits, lost savings and lost revenues, whether in negligence, tort, contract or any other theory of liability, even if the parties have been advised of the possibility or could have foreseen any such damages.
