
How cybercriminals are most likely to be caught

07 Mar 2019

Sophos announced the findings of its global survey, 7 Uncomfortable Truths of Endpoint Security, which reveals IT managers are more likely to catch cybercriminals on their organisation’s servers and networks than anywhere else. 

The survey polled more than 3,100 IT decision makers from mid-sized businesses in 12 countries including Australia, the US, Canada, Mexico, Colombia, Brazil, UK, France, Germany, Japan, India, and South Africa.

Of the 200 Australian IT managers surveyed, one third discovered the most significant cyber attack on their organisation’s servers, and 43 per cent discovered it on the network. Only 17 per cent of these attacks were discovered on endpoints and eight per cent on mobile devices.

These statistics are in line with the global averages for servers (37 per cent), networks (37 per cent), endpoints (17 per cent), and mobile devices (10 per cent).

Fifteen per cent of IT managers at Australian companies who fell victim to one or more cyber attacks last year can’t pinpoint how the attackers gained entry (slightly better than the global average) or how long the threat was in the environment before it was detected.

To improve this lack of visibility, IT managers need endpoint detection and response (EDR) technology that exposes threat starting points and the digital footprints of attackers moving laterally through a network.

On average, Australian organisations that investigate one or more potential security incidents each month spend 48 days a year (four days a month) investigating them, according to the survey. 

It comes as no surprise that local IT managers ranked identification of suspicious events (28 per cent), alert management (17 per cent) and prioritisation of suspicious events (15 per cent) as the top three features they need from EDR solutions to reduce the time taken to identify and respond to security alerts.

Fewer than half (43 per cent) of Australia-based survey respondents have EDR capabilities, with 56 per cent stating they were planning to implement an EDR solution within the next 12 months.

Having EDR also helps address a skills gap. Three in four IT managers in Australia wish they had a stronger team in place, according to the survey.
