- Jan 1, 1970
- Views: 1
- Page(s): 1
- Size: 746.10 kB
- Report
Share
Transcript
1 MANDIANT CONSULTING / M-TRENDS 2016 THREAT LANDSCAPE: 2015 was the year of more. More breaches became public than in any prior year, and BY THE more cyber threat groups were at work around the world with a wider array of motives. The groups infiltrated and destroyed systems, stole personal information and targeted networking devices. This resulted NUMBERS in more stress for those who had to deal with the loss of data and reputation, more time and money spent in recovering from an attack and more reasons for organizations to strengthen their security posture. THREE NEW TRENDS APPEARED IN 2015: TWO OLD TRENDS CONTINUED: Disrupting Stealing personally Attacking routers Using persistence Targeting outsourced business identifiable information and switches mechanisms service providers THE YEAR IN ATTACKS INDUSTRIES WHERE Percentage of total attacks by industry. MANDIANT INVESTIGATED BUSINESS AND PROFESSIONAL SERVICES 11% MEDIA AND ENTERTAINMENT 11% HIGH TECH 13% FINANCIAL SERVICES AND INSURANCE 10% ENERGY 1% AGRICULTURE AND FORESTRY 1% RETAIL 10% TELECOMMUNICATIONS 2% GOVERNMENT AND INTERNATIONAL ORGANIZATIONS 3% EDUCATION 8% LEGAL SERVICES 3% TRANSPORTATION 3% AEROSPACE AND DEFENSE 5% BIOTECHNOLOGY AND PHARMACEUTICALS 7% HEALTHCARE 5% CONSTRUCTION AND ENGINEERING 6% HIGH TECH BUSINESS AND MORE AND LESS PROFESSIONAL SERVICES 6% 6% Some industries saw an increase in attacks compared to 2014. Some saw a decrease. MORE BREACHES Compared to 2014, the percentage DISCOVERED INTERNALLY of victims discovering a breach internally rose 16%. 16% 47% Internal Discovery 53% External Notification TIME FROM COMPROMISE TO DISCOVERY EXTERNAL INTERNAL MEDIAN NOTIFICATION DISCOVERY ORGANIZATIONS MORE VIGILANT ABOUT DISCOVERY In 2015, the median time from compromise to discovery was cut by 59 days, down from 205 days. 146 320 56 DAYS DAYS DAYS A year of disruptive breaches resulted in new lessons regarding defense MORE LESSONS LEARNED and response. 1 Confirm there is a breach. 6 Engage experts before a breach for forensic, legal and PR support. Remember: youre dealing with 2 human adversaries. They can be unpredictable. 7 Consider all options when asked to pay a ransom. There are no guarantees. 3 Timing is critical validate and scope the breach, fast. 8 Ensure strong segmentation and controls over your backups. 4 Stay focused youre racing against time. 9 After an incident has been handled, focus on broader security improvements. 5 Carefully evaluate whether to confront an attacker (see lesson 2). 10 If you kick the attackers out, be prepared: they may come back. LEARN MORE Get the M-Trends 2016 special report at fireeye.com/M-Trends-2016.html FireEye, Inc. 1440 McCarthy Blvd. Milpitas, CA 95035 408.321.6300 / 877.FIREEYE (347.3393) / [email protected] fireeye.com 2016 FireEye, Inc. All rights reserved. FireEye is a registered trademark of FireEye, Inc. All other brands, products, or service names are or may be trademarks or service marks of their respective owners. INFO.MTRENDS.EN-US.032016
Load More