SAN JOSE, Calif., March 17, 2021 /PRNewswire/ -- Vectra AI, a leader in network detection and response (NDR), released today its global survey of 1,112 security professionals working in mid to large sized organizations using Microsoft Office 365. The results confirm that the COVID-19 pandemic has accelerated cloud migration and digital transformation amongst 88% of companies and that 71% of Microsoft Office 365 deployments have suffered an account takeover of a legitimate user's account, not once, but on average seven times in the last year.
The fact that 3 in 4 companies have experienced malicious account takeover attacks highlights the need to track and secure identities as they move from on-prem to the cloud. Just one in three security professionals believe they could identify and stop an account takeover attack immediately, the majority expect to take days or even weeks to intercept such a breach.
These challenges faced by defenders mirror the findings of the last Spotlight Report, which tracked the behavior of four million Microsoft Office 365 customers over 90 days and discovered that 96% of networks exhibited suspicious lateral movement behavior and that account takeovers were at the top of the list of methods used by attackers to move laterally between the cloud and network.
Tim Wade, Technical Director of the CTO team at Vectra, comments, "We're regularly seeing identity-based attacks being used to circumnavigate traditional perimeter defenses like multi-factor authentication (MFA). Account takeovers are replacing phishing as the most common attack vector and MFA defenses are speed bumps not forcefields. Organizations need to take this seriously and plan to detect and contain account compromise before a material disruption of their business occurs – malicious access, even for a short period of time, can do a tremendous amount of damage."
However, the survey also reveals a high level of confidence amongst security teams in the effectiveness of their own company's security measures: nearly 4 in 5 claim to have good or very good visibility into attacks that bypass perimeter defenses like firewalls. Yet there is an interesting contrast of opinions between management level respondents and practitioners such as Security Operations Center (SOC) analysts, with managers exhibiting much greater confidence in their defensive abilities. Overall, the top security concerns cited by Microsoft Office 365 customers are the risk of compromise of data held in the cloud, the risk of account take-over and the ability of hackers to use living-of-the-land attacks to hide their tracks.
Tim Wade comments, "The tendency for managers to be significantly more confident that those working at the coalface suggests that there is a level of self-delusion going on here. Perhaps it's because the metrics that are being shared with senior management often focus more on the volume of attacks stopped rather than the severity of the attack or the number of investigations that reach a firm conclusion. Whatever the reason it's important not to be complacent and remain constantly vigilant of new types of attacks."
The findings also reveal that a majority (58%) of security professionals say the gap between attackers and defenders is widening. The shift to cloud, and adoption of remote working has heightened the threat of cyberattacks, with four in five security professionals saying that cyber security risks have increased in the last twelve months.
Other key findings from the report include:
- IoT/Connected devices and identity-based attacks are the top two security concerns for 2021
- 58% of businesses plan to invest more money in people and technology and 52% will invest in AI and automation in 2021
- The biggest frustration with existing security solutions it the amount of time needed to manage them
- The best thing about their roles as security professionals is the satisfaction of stopping attacks and protecting their companies, whilst frustration at end user's lack of understanding of cyber security remains the biggest frustration.
To download the full findings of the research, go to: Office 365 User Survey: IT Security Changes Amidst the Pandemic ,or read the companion blog and eBook.
The survey commissioned by Vectra was conducted among 1112 IT security decision makers in businesses securing Microsoft Office 365 deployments with more than 1000 employees, in the following industries: Government, Finance, Retail, Manufacturing, Healthcare, Education and Pharmaceutical. At an overall level results are accurate to ± 2.9% at 95% confidence limits assuming a result of 50%. The interviews were conducted online by Sapio Research in February 2021 using an email invitation and an online survey.
Vectra® is a leader in network detection and response – from cloud and data center workloads to user and IoT devices. Its Cognito® platform accelerates threat detection and investigation using AI to enrich network metadata and cloud logs it collects and stores with the right context to detect, hunt and investigate known and unknown threats in real time. Vectra offers three applications on the Cognito platform to address high-priority use cases. Cognito Stream™ sends security-enriched metadata to data lakes and SIEMs. Cognito Recall™ is a cloud-based application to store and investigate threats in enriched metadata. And Cognito Detect™ uses AI to reveal and prioritize hidden and unknown attackers at speed. For more information, visit vectra.ai.
Lumina Communications for Vectra