Recently, Vectra published the 2018 Black Hat Edition of the Attacker Behavior Industry Report, which covers the period from January through June 2018. While there are plenty of threat-research reports out there, this one offers unique insights about real-world cyberattacker behaviors found in cloud, data center and enterprise networks.
Most industry security reports focus on statistics of known threats, such as exploits and malware families, or provide a post-mortem of successful breaches. The first type of report addresses threats that network perimeter defenses were able to block, and the second lists attacks that were missed entirely.
This report reveals cyberattack detections and trends from a sample of over 250 opt-in enterprise customers using the AI-powered Vectra Cognito platform across nine different industries, including manufacturing.
The Cognito platform monitored and collected enriched metadata from network traffic that supports more than 4 million devices and workloads deployed in the customer’s cloud, data center and enterprise environments. By analyzing this metadata, the Vectra Cognito platform detected hidden attacker behaviors and identified business risks that enabled these organizations to avoid catastrophic data breaches.
The Vectra Attacker Behavior Industry Report takes a multidisciplinary approach that spans all strategic phases of the attack lifecycle. It presents data by specific industries that highlight relevant differences between them. Key findings from the report include:
Cybersecurity is an ongoing exercise in operational efficiency. Organizations have limited resources to address unlimited risks, threats and attackers. Network security products must always be evaluated in terms of efficiency as well as their impact on the operational fitness of the organization.
At the same time, there is a global shortage of highly-skilled cybersecurity professionals to handle detection and response at any reasonable speed. Consequently, the use of AI is essential to augment existing cybersecurity teams so that they can detect and respond to threats faster and stay well ahead of attackers.
These are just a few of the noteworthy trends Vectra found, and we encourage you to download and read the full report.
Christopher Morales is Head of Security Analytics at Vectra, where he advises and designs incident response and threat management programs with nearly two decades of information security experience in an array of cybersecurity consulting, sales, and research roles.