Security News > 2024 > August > Organizations fail to log 44% of cyber attacks, major exposure gaps remain

The report was based on a worldwide comprehensive analysis of more than 136 million cyber attacks simulated by the Picus Security Validation Platform.

The report reveals that, on average, organizations prevent 7 out of 10 of attacks, but are still at risk of major cyber incidents because of gaps in threat exposure management that can permit attackers using automation to move laterally through enterprise networks.

Of all attacks simulated, only 56% were logged by organizations' detection tools, and only 12% triggered an alert.

"It's clear that organizations are still experiencing challenges when it comes to threat exposure management and balancing priorities. Small gaps that lead to attackers obtaining domain admin access are not isolated incidents, they are widespread. Last year, the attack on MGM used domain admin privileges and super admin accounts. It stopped slot machines, shut down virtually all systems, and blocked a multi-billion dollar company from doing business for days."

Organizations should adopt an "Assume breach" mindset to bridge these gaps in their cybersecurity strategy.

"While we have found Macs are less vulnerable to start, the reality today is that security teams are not putting adequate resources into securing macOS systems," said Volkan Ertürk, Picus Security CTO. "Our recent Blue Report research shows that security teams need to validate their macOS systems to surface configuration issues. Threat repositories, like the Picus Threat Library, are armed with the latest and most prominent macOS specific threats to help organizations streamline their validation and mitigation efforts."

News URL

https://www.helpnetsecurity.com/2024/08/02/threat-exposure-management/