The SANS 2017 Threat Landscape Survey Report presents valuable insights into the types of threats impacting organizations today looking at how to anticipate attacks and get ahead of the attackers. Unsurprisingly the study found phishing (which also includes spear phishing and whaling) and ransomware represented the top two most significant threats to hit organizations in the past year. This year, DDoS replaced advanced persistent threats (APTs) as the third-most significant threat.
According to the report ‘"Endpoints—and the users behind them—are on the front lines of the battle: Together they represent the most significant entry points for attackers obtaining a toehold into the corporate network. Users are also the best detection tool organizations have against real threats."
A lack of skilled security resource impedes protection efforts. IT Staff report they still have trouble filtering out false positives and distinguishing real, high-impact threats they should respond to. It was clear among those surveyed there was a strong need for either skills or budget to implement needed threat protection solutions.
SANS Survey Results
The survey results highlight users and endpoints as primary targets, but also part of the solution. In the survey, 37% of respondents indicated that their IT helpdesk helped them recognise the most impactful threats. User training, improved security practices and better visibility into network activity were all cited as the top measures to improve threat prevention.
The report makes for interesting reading, read the report to find out how attacks are changing and how cybercriminals are circumventing defences, you can access it here : Access SANS 2017 Threat Landscape Survey Report