A new study has revealed a ‘worrying’ lack of visibility into networks that exposes organisations to cyber risks and large-scale disruptions that can inflict substantial losses.
Gatewatcher’s inaugural analysis of the pan-European, advanced persistent threat (APT) landscape draws on responses from of 300 IT decision-makers across the UK, France and Germany, highlighting the main fears faced by organisations and the solutions they use to address the challenges of APT threats.
The survey shows a clear awareness of APT threat detection with more than 9 in 10 currently looking for APTs. When asked about their attitudes and the main obstacles they face in their fight against these threats, 25% of respondents currently seek to detect and discover APTs but face challenges identifying the method of entry. A further 21% face challenges supporting the technology.
These concerns are within the context of APTs being addressed within the organization – the study also revealed that just under 1 in 5 (19%) currently outsource their protection against APTs to a managed service provider (MSP) or managed security service provider (MSSP).
APT: lack of visibility as a risk factor
When asked to address the specific issues surrounding APTs and how they might compromise the security posture or their organisation, just under half (47%) of respondents identified a lack of visibility throughout the network as a key factor, whilst a further 40% disclosed a lack of the necessary skills within their security teams.
A further 35% also mentioned gaps in current endpoint provision and nearly a third (30%) cited false positive and the subsequent alert fatigue as a source of security compromise. Reflecting the increased awareness of the importance of securing the supply chain, 29% identified third-party subcontractors that are connected to an organisation’s systems as a source of APT threat.
Security Challenges Ranking: Perception gaps
The survey also identifies six security challenges ranked by perceived risk level. Across all three markets, the cybercrime threat of individual bad actors, such as independent black hats, hacktivists or script kiddies is seen as the most pressing cyber security challenge faced by organisations, identified by 54% of respondents.
The study also points to differences in perception between British, French, and German decision-makers. In France, data loss tops the list of concerns (65%), while the threat from independent hackers is the top concern in Germany and the UK (62% and 52% respectively). Ransomware is also the second biggest concern for German IT decision makers (52%), compared to 47% and 43% in France and the UK.
NDR: a future solution to APTs
When asked to detail the technology portfolio used against APTs, Endpoint Detection & Response (EDR) was the most present, cited by nearly two-thirds (62%) of respondents. This was followed by firewalls (57%) and then a very close third and fourth between Security Information and Event Management (SIEM) and Network Detection and Response (NDR) with 56% and 55% respectively.
The emergence of NDR solutions in fourth place illustrates the growing need for IT decision-makers to have visibility across the entire IT network and to protect themselves against large-scale threats, with potentially catastrophic impacts.
“Gatewatcher’s Cyber Threat Barometer – our monthly, active monitoring and Cyber Threat Intelligence solution -, provides an overview of cyber threats, including the evolution of certain advanced persistent threats – but this is only the thin end of an extremely dangerous wedge,” said Philippe Gillet, CTO of Gatewatcher. He adds: “By providing a snapshot of APT threats and challenges, this study conducted by Vanson Bourne aims to contribute to the constructive search for solutions for the future. The results are encouraging: it shows us that businesses are still relying heavily on endpoint protection, whilst recognising that it is visibility across the network that is now needed to address APTs. As recent examples have shown, these advanced attacks exhibit patience and strategic thinking. As such, it is time to evolve and adapt our approach to the threat landscape and see APTs as the new normal in cybersecurity. This will mandate network technologies that offer high visibility of threats hidden in the network and represent an essential lever for strengthening the cybersecurity posture of businesses.’’