Leading cybersecurity training organization SANS Institute (with which ARC announced a partnership earlier this year) has just released the results of its 2017 Threat Landscape Survey. The survey has an enterprise-wide scope, and many of the respondents were from the world of IT, government, and finance. It provides an excellent overview of the top cybersecurity threats facing organizations today and their impact. SANS uses the following definitions for threats, threat vectors, and incidents:
- A threat is a potential for violation of security, which exists when there is a circumstance, capability, action or event that could breach security and cause harm.
- A threat vector is the method a threat uses to get to the target.
- An incident is an adverse network event in an information system or network, or the threat of the occurrence of such an event.
Key Findings from the SANS 2017 Threat Landscape Survey
(Source: SANS Institute)
Phishing the Biggest Threat, Biggest Impact
Almost three quarters (72%) of respondents identified phishing, including spear phishing/whaling as the number one cybersecurity threat. Other leading threats included spyware (50%), ransomware (49%) and Trojans (47%). SANS also asks respondents to list the threats with the greatest impact, and phishing was the winner here as well, with around a third of respondents listing it as having the greatest impact.
Focus on Malware-less Attacks
Both SANS and ARC Advisory Group see malware-less attacks as an increasing threat that is growing in scope and sophistication. Leading malware-less threats included credential compromises and scripting attacks.
The survey goes into more detail regarding areas like the most surprising threats (there is a lack of visibility into unknown threats), threat vectors, impact of threats, threat response and mitigation, and much more. Perhaps most interesting is the roadmap discussion and where future investments will be made (hint: training is critical). You can read the entire report, written by SANS mentor instructor Lee Neely, here. SANS also did a two-part webcast on the results of this survey, and you can view the archived versions of Part 1 here and Part 2 here.