Gap between attacker and defender capabilities is widening
SINGAPORE, March 18, 2021 /PRNewswire/ — Vectra AI, a leader in network detection and response (NDR), will today release its global survey of 1,112 security professionals working in mid to large sized organisations using Microsoft Office 365.
The results are to confirm that the COVID-19 pandemic has accelerated cloud migration and digital transformation among 88% of companies and that 71% of Microsoft Office 365 deployments have suffered an account takeover of a legitimate user’s account, not once, but on average seven times in the last year.
The fact that three in four companies have experienced malicious account takeover attacks may explain why over 60% of Asia Pacific respondents believe the gap between the capabilities of attackers and defenders is widening.
The challenges faced by defenders also mirror findings of the last Spotlight Report which tracked the behaviour of four million Microsoft Office 365 customers over 90 days.
Account takeovers were on top of the list of methods used by attackers to move laterally between the cloud and networks.
The report also found that 71% of customers showed suspicious Office 365 Power Automate behaviors.
Chris Fisher, Director of Security Engineering APJ for Vectra says, “Eighty percent of Singaporean survey respondents indicated their organisation’s cybersecurity risk had increased in the last 12 months to February 2021. As a result of increased Microsoft Office 365 usage during COVID-19, their main security concern is now the risk of data being comprised and the ability for hackers to hide their tracks by using legitimate Microsoft tools, such as Power Automate and e-Discovery.”
In terms of 2021 threats, 48% of Singaporean respondents expect to see a continuation of identity-based attacks on authorised users. When it comes to improving their security posture in 2021, more Singaporean companies are planning to invest more in people and technology.
Vectra’s survey also revealed a high level of confidence among security teams in the effectiveness of their own company’s security measures: nearly four in five claim to have ‘good’ or ‘very good’ visibility into attacks that bypass perimeter defences like firewalls.
However the combined number one priority tool for investment within these companies is NDR (Network Detection and Response) followed by EDR (Endpoint Detection and Response) to help bolster their defenses.
How security professionals are currently allocating their focus was also reflected in Vectra’s survey which found about 20% of team time is being spent on reactive investigations with a similar amount on proactive investigations.
“Not surprisingly, stress levels have increased among APAC respondents because of COVID-19,” says Fisher. “The biggest frustration for those with security solutions appears to be a lack of integration with other solutions and the amount of time needed to manage them.”
Fisher says cyber threats left unidentified can have huge financial and reputation repercussions as more attackers seek to exploit ongoing COVID-19 challenges across industries. “Entities need to focus on their networks and maintain good cyber hygiene to drive down the noise coming into security operation centres. How quickly an entity responds to a breach and identifies the attacks quickly and effectively will determine who succeeds in this fast-changing time,” Fisher comments.
“Vectra delivers a demonstrably powerful enabler for security teams to achieve more, in compressed timeframes and ultimately protect and reduce business risk for their organisation,” said Fisher. “The tremendous value of our AI-driven NDR platform, which combines advanced machine learning algorithms and insightful threat research, is evident in our growing number of new customers in the Asia Pacific region.
Other key findings from the report include:
- IoT/Connected devices and identity-based attacks are the top two security concerns for 2021
- 58% of businesses plan to invest more money in people and technology and 52% will invest in AI and automation in 2021
- The biggest frustration with existing security solutions is the amount of time needed to manage them
- The best thing about their roles as security professionals is the satisfaction of stopping attacks and protecting their companies, whilst frustration at end user’s lack of understanding of cybersecurity remains the biggest frustration.
