Our partner Alert Logic provides managed security and compliance solutions for over 3,000 customers across the globe. As part their cybersecurity research practice they review threats and attacks against their vast customer base looking for insight to share in their annual Cloud Security Report.
Using the attack data they collect across thousands of organizations in a wide variety of industries and many different infrastructure deployments (on-prem, hosting, and public cloud), their findings are representative of current threats and attacks many organizations experience today. They analyzed over one billion events and identified over 800,000 security incidents.
Unlike other reports, the Alert Logic report is based on real data, and real stories. They share this information in hopes that other organizations find the information informative, valuable, and helpful with efforts for improving the security framework of their business.
Here are some of the key trends from this year’s research:
Cloud adoption remains strong – Attackers are applying more pressure to businesses with applications in the cloud due to the belief that many businesses have a misconception about the security they need in the cloud. Some organizations mistakenly made an assumption about the cloud provider taking care of all their security needs, which isn’t the case. Security needs to be a shared responsibility.
Industry and customers drive your threat profile – Business’s that primarily interact with their customers online or have a significant online presence are the targets of application attacks far more than those businesses that interact with their customers by other means. Businesses with a smaller online presence; attackers are using traditional means of infiltration, such as Brute Force and Trojan attacks. Understanding what drives your threat profile is key to determining the time and investment necessary for a successful security-in-depth strategy.
Kill Chain construct drives understanding – Hackers today are a sophisticated bunch. In the past many worked alone using “smash-n-grab” techniques, today’s attackers work in groups that infiltrate in a much more regimented way. They follow a defined process that enables them to evade detection and achieve their ultimate goal: turning sensitive, valuable data into profits. In the report, Alert Logic takes a deep dive into the “Cyber Kill Chain”, a construct developed by Lockheed Martin to provide insight into an attacker’s behavior from initial reconnaissance activities to ultimate data exfiltration.
You can stay ahead of attackers – In the report, Alert Logic provides recommendations to help organizations improve their security posture. Included is a checklist to share with your team and get the conversation started.
Download the full Cloud Security Report here.