FireEye and Mandiant Security Validation Find Limited Cybersecurity Effectiveness
-
By Ben Canner
- Featured, SIEM News,
FireEye, via the Mandiant Security Validation (formerly Verodin) team, released the Mandiant Security Effectiveness Report 2020. This report reveals how well businesses protect themselves against cyber threats and the overall effectiveness of their security infrastructure. The data comes from thousands of tests performed by the team which simulated real attacks and malicious behaviors; the Mandiant Security Validation team ran their attacks in enterprise-level environments and targeted networks, emails, endpoints, and the cloud.
Unfortunately, the tests found the majority of attacks successfully infiltrate organizations’ environments without IT teams’ knowledge. In fact, 53 percent of attacks successfully infiltrated environments without detection. Another 26 percent of attacks successfully infiltrated but triggered cybersecurity detection. Security tools stopped only 33 percent of attacks; cybersecurity alerts were generated for only 9 percent of all attacks. This indicates that enterprises lack visibility despite their current cybersecurity tools.
Further, the Mandiant Security Validation team found several reasons for the disparity. These include tools deployed under “out-of-the-box” configurations, a lack of resources to tune the solutions, and security events not making it to the SIEM solution.
Chris Key, Senior Vice President at Mandiant Security Validation, provided comments on the findings. “Every organization wants reliable data that tells them if their security investments are delivering real value and protecting them from becoming the next major cyber-attack headline. Our research shows that while the majority of companies assume they’re protected, the truth is that more often than not, they are exposed.”
Learn more about FireEye and Mandiant Security here.
Widget not in any sidebars
Ben Canner
Ben Canner is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in English from Clark University in Worcester, MA. He previously worked as a corporate blogger and ghost writer. You can reach him via Twitter and LinkedIn.
- The Best SOAR Solutions to Consider in 2024 - February 1, 2024
- The Best Managed Detection and Response Vendors to Consider in 2024 - January 2, 2024
- 4 Best Cybersecurity Courses Available on Udacity in 2024 - December 20, 2023
