TMCnet News
Playing Whack-a-Mole: Results of the 2017 SANS Threat Landscape SurveyBETHESDA, Md., Aug. 7, 2017 /PRNewswire-USNewswire/ -- Endpoints—and the users behind them—are on the front line in today's security battles, according to results of a new survey on the threat landscape to be released by SANS Institute on Tuesday, August 15. "Users and their endpoints are still in the cross hairs," says Lee Neely, SANS Analyst, Mentor Instructor and author of the survey report. "Traditional and malware-less threats keep popping up at every corner, making our jobs as defenders resemble an ongoing game of Whack-a-Mole to keep them at bay." Phishing (72%), spyware (50%), ransomware (49%) and Trojans (47%) are the threats most seen by respondents' organizations, but not all of these have significant impact. When it comes to impact, phishing causes the most damage, and 40% of survey respondents experienced phishing attacks, including spearphishing and whaling in the last year. Almost one-third of respondents also experienced a malware-less threat entering their organization, impacting IT systems and adding to IT staff workload. These attacks are more difficult to find because they can't be detected by signature-based technologies. Scripting attacks were the most common malware-less incident, while credential compromise or privilege escalation caused the most impact. Few of the threats respondents faced were new zero-day threats, with 76% admitting that under 10% of the significant threats they saw were zero-day. "Today's threats predominately leverage the same old vulnerabilities and techniques," according to Neely. "The time is ripe to change our protections as well as remediation processes to stem the tide of successful threat vectors." Users are also part of the solution, with 37% of respondents indicating that calls to the help desk helped them iscover their most impactful threats. According to the survey results, user training, improved operational security practices and improved visibility into network and endpoint behavior are the top measures to improve threat prevention success and reduce the need to play Whack-a-Mole. Full results will be shared during a webcast on Tuesday, August 15 at 1 PM EDT, sponsored by Cylance, FireEye, McAfee, and Qualys, and hosted by SANS. Register to attend the webcast at www.sans.org/u/uGU Those who register for the webcast will also receive access to the published results paper developed by SANS Analyst and network security expert, Lee Neely. Tweet This: Users and endpoints at risk. Explore the threats they face and how to protect them. | Register for 8/15 webcast: www.sans.org/u/uGZ No need for zero-day threats, old vulnerabilities still work. Learn improvements needed. | 8/15 webcast: www.sans.org/u/uGZ About SANS Institute View original content:http://www.prnewswire.com/news-releases/playing-whack-a-mole-results-of-the-2017-sans-threat-landscape-survey-300500286.html SOURCE SANS Institute |