SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers
Picus report reveals flaws in threat exposure management

Fri, 2nd Aug 2024

Analysis by Picus Security has highlighted a significant vulnerability in many IT environments, stating that 40% of tested systems are susceptible to a full takeover by malicious actors.

The findings are detailed in the Blue Report 2024: State of Exposure Management, which draws insights from 136 million simulated cyber-attacks.

The research suggests that macOS endpoints are particularly vulnerable, with only 23% of simulated attacks being prevented. In comparison, Windows and Linux systems showed a more robust defence, blocking 62% and 65% of attacks, respectively. This disparity is attributed to the inadequate configuration and management of macOS devices by security teams.

Dr. Suleyman Ozarslan, co-founder and Vice President of Picus Labs, said, "It’s clear that organizations are still experiencing challenges when it comes to threat exposure management and balancing priorities. Small gaps that lead to attackers obtaining domain admin access are not isolated incidents; they are widespread." He referenced a recent attack on MGM, where domain admin privileges were exploited, halting operations and causing massive disruptions.

The report identifies a significant issue in threat detection across various organisations. While companies manage to prevent 70% of attacks on average, half of these attacks were not logged by detection tools, and only a fraction triggered any warning alerts. This underlines the existing gaps in threat exposure management and the potential for attackers to move laterally across networks without detection.

Volkan Ertürk, Picus Security co-founder and CTO, emphasised the need for improved security measures for macOS systems. "While we have found Macs are less vulnerable to start, the reality today is that security teams are not putting adequate resources into securing macOS systems," he said. He highlighted the importance of validating macOS configurations to surface issues, a task facilitated by threat repositories like the Picus Threat Library.

The report also sheds light on other critical security concerns. It notes that 25% of companies use common language passwords, making it easier for attackers to crack hashed passwords and gain clear-text credentials. Additionally, organisations only deter 9% of data exfiltration techniques, which are frequently used in ransomware attacks to steal sensitive data. Among ransomware groups, BlackByte poses the most formidable challenge, with defence measures effective in only 17% of cases. BabLock and Hive also present significant difficulties, being thwarted by 20% and 30% of organisations, respectively.

The report serves as a comparative tool for security teams to benchmark their performance and underscores the need for continuous improvement in both technology and processes. The primary takeaway is the identification of significant gaps in threat exposure management, reinforcing the importance of validating and configuring all endpoint systems effectively.
