SlashNext recently sponsored a Dark Reading Malware and Threat Survey – 2019 Online Malware and Threats: A Profile of Today’s Security Posture – that showed a significant increase in attack volumes. You can check out the complete survey for details, but here are some highlights from Dark Reading:
- 66% of organizations say they detect phishing attacks frequently or very frequently.
- 41% of organizations report frequent or very frequent malware detections on their networks.
- 8% of respondents say their organizations have experienced frequent compromises from BEC attacks.
- 24% of organizations consider BEC attacks to be their top worry over the next two years.
- 47% of respondents say that cybercriminals who steal personal and financial data are the attackers that concerns them most.
- 36% of organizations experience less than one serious breach or compromise a year; 3% experience such a compromise daily.
- 48% of organizations get information about new malware threats or zero-day exploits from a threat intelligence feed or service.
- 22% of security professionals say that knowing the motivations of an attacker is very important.
- 71% of organizations learn about security from news sites and online blogs.
With these key takeaways in the back of your mind, what does your current security infrastructure look like? We commissioned a whitepaper earlier this fall with Osterman Research that showed the vast majority of organizations have deployed endpoint-based anti-virus/anti-malware tools, threat intelligence feeds or phishing website lists or blocklists, cloud-based, secure email gateways, and other on-premise secure web gateways.
What Osterman found, however, is that what most decision makers and influencers would like to go beyond these protocols. Most notably, they wanted to include cloud application security brokers, cloud-based end point detection and response (EDR) solutions, cloud-based secure web gateways, and cloud-based Data Loss Prevention (DLP).
The need to step up current security protocols now more than ever is that security is becoming a regulatory issue. While security breaches have always entailed serious financial, reputational, and other consequences, new regulations like the European Union’s General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), mean that data breach consequences are that much more severe. What’s more, the GDPR requires reporting of a data breach within 72 hours. Organizations that do not have the capabilities to detect that they have been breached can run afoul of these regulations. We’ve blogged before of the threat detection deficit, which certainly goes beyond 72 hours.
Any organization can take the first step to reduce their exposure to fast moving phishing sites and breaches by using our Real-Time Phishing Threat Intelligence. It identifies live zero-hour threats in real-time and allows organizations to respond in real-time with automated blocking through their firewall.
In addition, our Phishing URL Analysis solution can dramatically reduce the time and effort involved in researching suspicious URLs. With more powerful real-time analysis, SlashNext detects previous unknown phishing URLs that may never be detected by other systems or found in any commercial or free phishing URL databases. And with browser-based analysis, SEER detection technology is able see through the growing variety of URL obfuscation techniques and evasion tactics.
Interested in exploring how you can reduce your time to discovery? Try SlashNext Real-Time Phishing Threat Intelligence free for 15 days.
*** This is a Security Bloggers Network syndicated blog from SlashNext authored by sln_admin. Read the original post at: https://www.slashnext.com/blog/what-does-your-current-security-infrastructure-look-like/