A new research from cyber security provider F-Secure reports a significant increase in attack traffic in the latter half of 2018. But while attacks are increasing, it seems many companies are struggling with incident detection. Attack traffic observed by F-Secure's network of decoy honeypots in 2018 increased by 32 percent over the previous year and increased fourfold in the latter half of 2018 compared with the first half of the year.
Recent survey data suggests that many companies may not have the visibility they need to catch attacks that make it past preventative measures like firewalls and endpoint protection. The survey found that 22 percent of companies did not detect a single attack in a 12-month period. 20 percent of respondents detected a single attack during that time frame, and 31 percent detected 2-5 attacks.
“Today's threats are completely different from 10 or even 5 years ago. Preventative measures and strategies won't stop everything anymore, so I've no doubt that many of the companies surveyed don't have a full picture of what's going on with their security,” F-Secure Vice President of Cyber Security Products Research & Development Leszek Tasiemski.
“Many organizations don't really value security until an incident threatens to cost them a lot of money, so I'm not completely surprised that there are companies detecting zero attacks over the course of a year,” said Tasiemski.
“We find that companies running detection and response solutions tend to have a better grasp of what they're doing right and what they're doing wrong. Ideally, the visibility these solutions have will show companies that they're blocking most of the standard, opportunistic attacks, like the ones our public honeypots usually attract. But these solutions will also pick up what preventative measures like firewalls or endpoint protection misses, which makes detection and response a pretty invaluable part of a healthy security strategy,” said Tasiemski.
