Majority of organisations lack proper data exfiltration prevention and DNS security measures
Infoblox Inc., the network control company that provides Actionable Network Intelligence, has released results of a new study that identifies the top threats, risks and fears related to securing data assets and keeping networks secure.
The survey, conducted by SANS and co-sponsored by Infoblox, found that ransomware, insider threats and denial of service are considered the top three threats organisations face when it comes to securing sensitive data.
According to the study, 78% of respondents report encountering two or more threats to their data in the past 12 months, while 12% actually encountered a breach, with 43% of those encountering exfiltration of sensitive data through encrypted channels.
User credentials and privileged account information, known as access data, represented the most common data types involved in these breaches, spotlighting the fact that privileged data is prized by attackers — proving more desirable to them than sensitive data being targeted for financial gain or destruction.
“This shows how highly attackers prize access data,” said Sean Tierney, Director of Threat Intelligence at Infoblox. “It’s proving more desirable to them than sensitive data being targeted for financial gain or destruction because it opens the door to significantly more exploitation opportunities.”
The study also found that 59% of respondents are using manual processes to identify sensitive assets —ultimately leaving their networks prone to massively automated attacks.
Tierney added: “Those still relying solely on manual processes are doing themselves a disservice by opening up their networks and customer data to highly automated, targeted attacks. In order to counter the chances of compromise, they must know how data should flow and design an in-depth defence strategy to secure assets like user IDs, credentials, roles and directories. Automating network processes helps uncover sensitive data in previously unknown areas of the network. It frees up time for IT admins to perform more important, high-level tasks.”
Other key findings from the ‘2017 SANS Data Protection Survey’ report include:
- Threats to Data: Overall, 78% of respondents have seen two or more different types of threats over the last 12 months, with 68% having seen the same threat types multiple times.
- Data Exfiltration: 48% of respondents received a breach report stating that the incident resulted in the exfiltration of sensitive data, with the primary transport of the data being an encrypted channel established by malware with a secondary factor being email.
- Challenges in Securing Data: When asked what their organisation’s greatest challenge is when it comes to sensitive data protection, 31% of respondents report lack of staffing and resources to be their biggest obstacle.
- The Cost of Compromise: 41% of respondents report the most frequent underlying cause for breaches of sensitive data to be hacking or malware-related attacks, with 37% indicating insider compromise.
- Watch Your DNS: While 42% of respondents report conducting scans of their DNS infrastructures, only 19% conduct regular scans on at least a weekly basis, with a mere 9% scanning continuously. 58% of respondents do not utilise DNS-based prevention/detection techniques at all or are unaware whether they do.
Cherif Sleiman, vice president, EMEA at Infoblox, says: “The study provides intelligence for enterprises in the Middle East to take immediate action to protect against cyber threats and breaches. One of the takeaways from the report is for companies to consider insider threat and user access compromise as two sides of the same risk coin. The key is to leverage tools for manual classification and enable realtime warnings not just to alert users that they are engaging in potentially dangerous activities, but to educate them as to why these activities are dangerous and how to prevent such actions in the future.”
Download the “Sensitive Data at Risk Everywhere: The SANS 2017 Data Protection Survey,” which includes recommendations for securing sensitive data.
Participants for the study included more than 250 IT and security administrators, engineers, IT managers, developers, and privacy experts.