UPDATED 09:02 EDT / AUGUST 08 2023

SECURITY

Prioritizing cyberattacks still needs a lot of work, according to new Picus Labs report

Organizations aren’t very effective at prioritizing and preventing cyberattacks, according to a new study released today by Picus Labs.

Picus Labs’ parent company sells attack simulation tools, and the study, The Blue Report 2023, is based on telemetry from 14 million simulations created by its customers from January to June 2023. On average, organizations’ security controls prevent only 59% of the simulated attacks and prevent more complex attacks less than half of the time. There are also wide variations in organizations’ ability to prevent specific threats.

“Many organizations do not realize the degree to which their existing controls are insufficient for detecting attacks, especially sophisticated ones,” the authors wrote in their report. While these results come from simulations rather than actual attacks, they do provide an interesting comparison among the various kinds of attacks and of how Picus’ customers responded when running the simulations.

The report identified four tradeoffs involved in mitigating threats given scarce security resources: which attacks to prioritize, which vulnerabilities to prioritize, whether to favor prevention or detection efficacy, and whether to favor logging or alerting.

For example, some vulnerabilities discovered in 2019 still remain a threat to more than 80% of organizations. And their simulation data shows that, on average, organizations log 37% of the attacks but generate alerts for only 16% of the attacks.

The researchers scored prevention effectiveness on their platform and found a wide geographic variation in average scores, with South Asian customers scoring lowest and customers in North America, Europe, Africa and the Middle East scoring highest.

They also found a variation in how well organizations prevented various ransomware strains, with OilRig the most successful at penetration and Sandworm the least. Still, Sandworm was stopped only a quarter of the time in their simulations (pictured adjacent).

The researchers found that the better an organization is at preventing threats, the weaker it is at detecting them, and vice versa. For instance, globally, healthcare is the least effective sector at preventing attacks but is twice as successful as the average organization when it comes to detecting them. And North American organizations are almost twice as successful at preventing attacks as they are at triggering alerts to detect attacks in progress.

Images: markus-spiske/Unsplash, Picus Labs
