0 EXTERNAL INTERNAL MEDIAN HOW BREACHES ARE …2014 2013 2012 2011 47% 53% 69% 67% 63% 94% 53% 47%...
Transcript of 0 EXTERNAL INTERNAL MEDIAN HOW BREACHES ARE …2014 2013 2012 2011 47% 53% 69% 67% 63% 94% 53% 47%...
TOTAL INDUSTRIES INVESTIGATEDThe Americas has the lowest
median dwell time due to overall higher level of security maturity driven in part by breach disclosure laws and the changing nature of attacks, with attacks such as ransonware and destructive wiper attacks meant to be detected quickly
AMERICAS DWELL TIME
150
100
50
0
35
10499
EXTERNAL INTERNAL MEDIAN
3% EDUCATION
3% ENERGY
15% FINANCIAL
HIGH TECH 12%
MANUFACTURING 5%
MEDIA AND ENTERTAINMENT 5%
TELECOMMUNICATIONS 2%
BIOTECHNOLOGY AND PHARMACEUTICALS 2%
RETAIL AND HOSPITALITY 15%
8% GOVERNMENT
CONSTRUCTION 3% AND ENGINEERING
BUSINESS AND 10% PROFESSIONAL SERVICES
TRANSPORTATION AND LOGISTICS 2%
OTHER 1%
NONPROFIT 2%
12% HEALTHCARE
HOW BREACHES ARE DETECTED
47%53%INTERNAL DISCOVERY OF BREACH
EXTERNAL NOTIFICATION OF BREACH
M-TRENDS®
2017A View From the Front Lines
ADAPTING THE FUNDAMENTALS OF DEFENSE
1 UNDERSTAND WHAT’S CRITICAL 2 NETWORK AND
ENDPOINT VISIBILITY 3 NETWORK
SEGMENTATION 4 ACCESS MANAGEMENT
Identify internal systems and data flows required to maintain business operations
Clean network perimeter is fading, increasing need to monitor the network, mobile endpoints, monitor vendor connection points, subsidiaries and other interconnections
An often overlooked fundamental, lack of segmentation leads to easy lateral movement by attackers
Enable multi-factor authentication, Segregate access by duties, providing “least privilege” needed to limit attacker’s ability to access data with a single compromised account
2016
2015
2014
2013
2012
2011
47%
53%
69%
67%
63%
94%
53%
47%
31%
33%
37%
6%
INTERNAL DETECTION VS. EXTERNAL NOTIFICATION INTERNAL DISCOVERYOF BREACH
EXTERNAL NOTIFICATIONOF BREACH
AMERICAS
certain financial attackers and state-sponsored attackers no longer exists.”
The line between
GLOBAL ATTACK TRENDS
Increasing sophistication of financially motivated attack.
Email is a major target. Attackers are using interesting ways to get it.
Customized attacks. Financial attackers tailor phishing email and call victims to ‘help’ them.
LEARN MORE www.fireeye.com/mtrendsInterested in reading the full M-Trends 2017 Report? FireEye, Inc.1440 McCarthy Blvd. Milpitas, CA 95035 / 408.321.6300 / 877.FIREEYE (347.3393) / [email protected] the full report here
© 2017 FireEye, Inc. All rights reserved. FireEye is a registered trademark of FireEye, Inc. All other brands, products, or service names are or may be trademarks or service marks of their respective owners. IG.MTR.EN-US-042017