FireEye, via the Mandiant Security Validation (formerly Verodin) team, released the Mandiant Security Effectiveness Report 2020. This report reveals how well businesses protect themselves against cyber threats and the overall effectiveness of their security infrastructure. The data comes from thousands of tests performed by the team which simulated real attacks and malicious behaviors; the Mandiant Security Validation team ran their attacks in enterprise-level environments and targeted networks, emails, endpoints, and the cloud.
Unfortunately, the tests found the majority of attacks successfully infiltrate organizations’ environments without IT teams’ knowledge. In fact, 53 percent of attacks successfully infiltrated environments without detection. Another 26 percent of attacks successfully infiltrated but triggered cybersecurity detection. Security tools stopped only 33 percent of attacks; cybersecurity alerts were generated for only 9 percent of all attacks. This indicates that enterprises lack visibility despite their current cybersecurity tools.
Further, the Mandiant Security Validation team found several reasons for the disparity. These include tools deployed under “out-of-the-box” configurations, a lack of resources to tune the solutions, and security events not making it to the SIEM solution.
Chris Key, Senior Vice President at Mandiant Security Validation, provided comments on the findings. “Every organization wants reliable data that tells them if their security investments are delivering real value and protecting them from becoming the next major cyber-attack headline. Our research shows that while the majority of companies assume they’re protected, the truth is that more often than not, they are exposed.”
Learn more about FireEye and Mandiant Security here.
- 4 Best Cybersecurity Courses Available on Udacity in 2023 - April 20, 2023
- The Best SOAR Tools and Vendors to Consider in 2023 - November 26, 2022
- The 10 Best Open Source SIEM Tools for Businesses - October 13, 2022