The Global State of Threat IntelligenceSolutionary's Rob Kraus on Where Enterprises Are Failing to be Resilient
Among other key findings from this new report, produced by Solutionary in conjunction with Lockheed Martin, Wapack Labs, Recorded Future and the Center for Internet Security:
- Spear phishing attacks accounted for about 17 percent of incident response activities last year;
- Almost 21 percent of vulnerabilities detected were more than three years old;
- The retail sector experienced the most attacks - roughly 2.7 times the number of attacks as organizations in finance.
The lack of preparedness is a growing concern, says Rob Krause, Director of Security & Strategy Research for Solutionary's Security Engineering Research Team.
"There is a very small amount of organizations that are actually trying to mature their incident response programs," Kraus says. "And this is from organizations just outright saying 'We're not prepared.'"
Kraus describes the approach as using the "phone a friend" option when organizations are under attack. "They don't have the security budget ... but a lot of it is related to expertise. And it's not because there's a lack of expertise out there. It's more because: It's the budget. Incident responders are not a cheap resource."
Ultimately, it comes down to business resiliency, Kraus says, and here is where organizations can learn from their adversaries.
"When malware authors are out there creating malware to do its mission, the first mission of the malware is to do what? It's to survive," Kraus says. "Organizations need to think the same way."
In an interview about Solutionary's latest Global Threat Intelligence Report, Kraus discusses:
- What's unique about this year's report;
- Top attack vectors and targets;
- Where organizations continually fail in being resilient.
Kraus is the director of research for the Solutionary Security Engineering Research Team (SERT). He is a Certified Information Systems Security Professional (CISSP), specializing in vulnerability research, malware analysis, threat intelligence, Web application security assessments, external and internal penetration testing, and social engineering. He previously was a manager within Solutionary's security consulting services group.
Solutionary, an NTT Group security company, is the next generation managed security services provider (MSSP). Comprehensive Solutionary security monitoring and security device management services protect traditional and virtual IT infrastructures, cloud environments and mobile data.