Ransomware, insider threats and denial of service (DoS) are the top three threats organizations face when it comes to securing sensitive data, a new survey found.
Seventy-eight percent of respondents report encountering two or more threats to their data in the past 12 months, while 12 percent actually encountered a breach, with 43 percent of those encountering exfiltration of sensitive data through encrypted channels, according to the study by the SANS Institute.
User credentials and privileged account information, known as access data, represented the most common data types involved in these breaches.
That goes to show attackers covet privileged data.
“This shows how highly attackers prize access data,” said Sean Tierney, director of threat intelligence at Infoblox, which sponsored the survey with McAfee. “It’s proving more desirable to them than sensitive data being targeted for financial gain or destruction because it opens the door to significantly more exploitation opportunities.”
The study also found 59 percent of respondents are using manual processes to identify sensitive assets, which means networks could suffer from automated attacks.
Key findings from the “2017 SANS Data Protection Survey” report include:
1. Threats to data: 78 percent of respondents have seen two or more different types of threats over the last 12 months, with 68 percent having seen the same threat types multiple times.
2. Data exfiltration: 48 percent of those who sustained a breach report the incident resulted in the exfiltration of sensitive data, with the primary transport of the data being an encrypted channel established by malware with a secondary factor being email.
3. Challenges in securing data: When asked what their organization’s greatest challenge is when it comes to sensitive data protection, 31 percent of respondents report lack of staffing and resources to be their biggest obstacle.
4. The cost of compromise: 41 percent of respondents report the most frequent underlying cause for breaches of sensitive data to be hacking or malware-related attacks, with 37 percent indicating insider compromise.
Results from the survey also show respondents still are not using easily available, critical resources, such as network topology maps and organizational workflow, to establish an information-centric, defense-in-depth environment.
Organizations need to reduce risk by first understanding their sensitive data, how it flows and where it resides, as well as the threats to that data, the report said. With this knowledge, they can establish the appropriate controls that support the organization’s business operations and then identify technologies to reinforce data protection policies and procedures.
Click here to download the report.