Research from MIT Sloan Indicates Top CISO Priority is Enhancing Coverage for a Wide Variety of Attack Types and Surfaces


Security Executives are Concerned about Combatting Ransomware and Improving Cloud Security

Attivo Networks® has announced its participation with SINC and MIT Sloan on a research report entitled “The Cybersecurity Landscape: Challenges and How to Overcome Them.” The research was completed primarily with CISOs, CIOs and other security executives during the coronavirus pandemic, and priorities have changed with the shift to remote working.

With more people working from home, attacks that disrupt services or use credential theft are top concerns, along with the need to protect cloud architectures and critical access resources like Active Directory.  Executives are prioritising security investments that help them fight disruption of service and ensure compliance. A significant concern is ransomware, in part because business continuity and maintaining uptime are of utmost importance to keep operations running.

Key report findings included:

– When asked about priorities to address in the next 12 months, more than 70% of the respondents chose detecting unknown and known attacks, detection across attack surfaces, and insider threats.

– Nearly all respondents cited disruption/ransom as being their most significant concern.  Indeed, attackers are targeting items of high value to secure ransom payments and this is now driving the highest area of investment among respondents.

– Compliance and regulatory requirements followed by cloud mitigation were the second and third ranked areas of concern driving security investments.

– At the same time, ensuring supply chain partners are as secure as possible is increasingly  vital to executives since their customers hold the company responsible for any breach, even if a supplier is responsible for it. As a result, executives are increasingly seeking
solutions that help them understand and minimise vulnerabilities from insider and supplier threats.

– Almost 80 per cent of respondents listed Active Directory security as a top priority for attention and investment.  Active Directory is a primary target for attackers since it gives access to so much of an organisation’s systems.  The survey also found that organisations have strong expansion plans for endpoint and remote site security due to the onset of remote working and the issues associated with VPN split-tunnelling.

– Overall, businesses continue to struggle with reducing dwell time and their efficiency in responding to incidents. Recent reports still show average dwell time in days or months rather than minutes.

– The majority of respondents value deception technology for its comprehensive threat detection, highlighting the technology’s ability to detect any attack vector across any attack surface without relying on known behaviours or signatures. Following closely behind in value is deception’s ability to enable faster triage.

– It was not surprising to see traditional IPS/IDS and EPP/EDR tools rank highly. What is noticeable is that deception ranked as one of the top two or three detection tools for combating lateral movement, Advanced Persistent Threats (APTs), ransomware and insider threats. prevent those attacks.”

Sarah Ashburn, SVP of Sales and Customer Success at Attivo Networks, said, “Much of this year’s research indicates a continued demand for in-network detection that works reliably across existing and emerging attack surfaces and is effective against all attack vectors. Our customers tell me that deception provides the easiest way to do gap analysis and in real-time see how dirty their network is. They also see the types of attacks present and the types of technologies needed to prevent those attacks.”

Respondents in “The Cybersecurity Landscape” report included 100 security professionals with the title of CISO, CIO, Cybersecurity Director, Security Risk Officer/Manager, Director of Security, or VP of Security. The study focuses on their highest priority concerns and priorities, how they evaluate their activities, and what tools and resources they plan to use to improve their security posture. To download the report, visit here