Topics In Demand
Notification
New

No notification found.

Blog
SANS 2017 Cybersecurity Threat Landscape Survey

September 22, 2017

626

0

Leading cybersecurity training organization SANS Institute (with which ARC announced a partnership earlier this year) has just released the results of its 2017 Threat Landscape Survey. The survey has an enterprise-wide scope, and many of the respondents were from the world of IT, government, and finance. It provides an excellent overview of the top cybersecurity threats facing organizations today and their impact. SANS uses the following definitions for threats, threat vectors, and incidents:

  • A threat is a potential for violation of security, which exists when there is a circumstance, capability, action or event that could breach security and cause harm.
  • A threat vector is the method a threat uses to get to the target.
  • An incident is an adverse network event in an information system or network, or the threat of the occurrence of such an event.

SANS

Key Findings from the SANS 2017 Threat Landscape Survey
(Source: SANS Institute)

Phishing the Biggest Threat, Biggest Impact

Almost three quarters (72%) of respondents identified phishing, including spear phishing/whaling as the number one cybersecurity threat. Other leading threats included spyware (50%), ransomware (49%) and Trojans (47%). SANS also asks respondents to list the threats with the greatest impact, and phishing was the winner here as well, with around a third of respondents listing it as having the greatest impact.

Focus on Malware-less Attacks

Both SANS and ARC Advisory Group see malware-less attacks as an increasing threat that is growing in scope and sophistication. Leading malware-less threats included credential compromises and scripting attacks.

The survey goes into more detail regarding areas like the most surprising threats (there is a lack of visibility into unknown threats), threat vectors, impact of threats, threat response and mitigation, and much more. Perhaps most interesting is the roadmap discussion and where future investments will be made (hint: training is critical). You can read the entire report, written by SANS mentor instructor Lee Neely, here. SANS also did a two-part webcast on the results of this survey, and you can view the archived versions of Part 1 here and Part 2 here.

SANS 2017 Threat Landscape Survey: Users on the Front Line

Security Whack-a-Mole: SANS 2017 Threat Landscape Survey Part I

Security Whack-a-Mole: SANS 2017 Threat Landscape Survey Part II

“Reprinted with permission, original blog was posted here. You may also visit here for more such insights on the digital transformation of industry.

 

About ARC Advisory Group (www.arcweb.com): Founded in 1986, ARC Advisory Group is a Boston based leading technology research and advisory firm for industry and infrastructure.

For further information or to provide feedback on this article, please contactakanagali@arcweb.com

 

About the Author:

Larry O’Brien

Vice President, Research

Larry is responsible for providing oversight in ARC’s research into process automation markets, including process automation systems, process safety systems, plant asset management systems, intelligent device management strategies, and field networks.


That the contents of third-party articles/blogs published here on the website, and the interpretation of all information in the article/blogs such as data, maps, numbers, opinions etc. displayed in the article/blogs and views or the opinions expressed within the content are solely of the author's; and do not reflect the opinions and beliefs of NASSCOM or its affiliates in any manner. NASSCOM does not take any liability w.r.t. content in any manner and will not be liable in any manner whatsoever for any kind of liability arising out of any act, error or omission. The contents of third-party article/blogs published, are provided solely as convenience; and the presence of these articles/blogs should not, under any circumstances, be considered as an endorsement of the contents by NASSCOM in any manner; and if you chose to access these articles/blogs , you do so at your own risk.


© Copyright nasscom. All Rights Reserved.