FireEye Labs Report: 97% of organisations have been breached
EBay Breach Followup - FireEye Labs Report: 97 per cent of organisations have been breached
In the wake of today’s EBay news these findings are especially relevant:
FireEye has just revealed that data from its more than 1600 network appliances deployed in real-world settings and the findings are striking. The most compelling is that nearly all (97 percent) organizations had been breached, meaning at least one attacker had bypassed all layers of their defense-in-depth architecture.
The report is attached and a brief synopsis is below.
Today we are releasing “Cybersecurity’s Maginot Line: A Real-world Assessment of the Defense-in-Depth Model.” The report is a first-of-its kind analysis of real-world data spanning more than 1,217 organizations in 65 countries across more than 20 industries. It reveals a deeply flawed defense-in-depth model, at least as it’s commonly deployed. In short, most of today’s top-selling security tools fail to protect 97 percent of organizations that deploy them.
The only true test of a product is in a real-world setting. Our data comes from organizations testing FireEye network and email appliances, but not yet fully protected by the FireEye platform. Because FireEye sits behind all conventional security defenses, the tests provide a unique vantage point to observe other security layers in action.
In other words, any threats observed by FireEye in these tests have passed through all of an organization’s other security layers.
We call this state of affairs the new Maginot Line. That’s because it reminds us of France’s famed 940-mile string of deep-earth bunker fortresses, anti-tank obstacles, and barbed-wire entanglements built to fend of Germany in the run-up to World War II.
It was expensive and futile. Germany sidestepped the line using a novel blitzkrieg-style attack through Belgium. The French military, which had diverted much of its budget to the line, could not mount an effective defense.
Today, many organizations face a similar problem. They spend billions of dollars every year on defense-in-depth IT security architecture. And attackers are easily stepping around them.
As our report shows, it doesn’t matter what types of signature-based firewall, intrusion prevention system (IPS), Web gateway, sandbox, and endpoint systems make up your Maginot Line. Attackers are circumventing them all.
So what should organizations do? For one, they need a new approach to securing their IT assets. For many, that means reducing waste on redundant, backward-looking technology and redeploying those resources on defenses designed to find and stop today’s advanced attacks.