INTELLIGENT BRANDS // Enterprise Security
powered by
“59% of respondents are
using manual processes
to identify sensitive
assets, ultimately
leaving their networks
prone to massively
automated attacks.”
Cherif Sleiman, vice president, EMEA at Infoblox
“Those still relying solely
on manual processes
are doing themselves a
disservice.”
themselves a disservice by opening up their networks and
customer data to highly automated, targeted attacks. In
order to counter the chances of compromise, they must
know how data should flow and design an in-depth defence
strategy to secure assets like user IDs, credentials, roles and
directories. Automating network processes helps uncover
sensitive data in previously unknown areas of the network.
It frees up time for IT admins to perform more important,
high-level tasks.” Other key findings from the 2017 SANS
Data Protection Survey report include:
• Threats to data: Overall, 78% of respondents have seen
two or more different types of threats over the last 12
months, with 68% having seen the same threat types
multiple times.
• Data exfiltration: 48% of respondents received a breach
report stating that the incident resulted in the exfiltration
of sensitive data, with the primary transport of the data
being an encrypted channel established by malware with a
secondary factor being email.
• Challenges in securing data: When asked what their
organisation’s greatest challenge is when it comes to
sensitive data protection, 31% of respondents report lack
of staffing and resources to be their biggest obstacle.
68
INTELLIGENTCIO
• The cost of compromise: 41% of respondents report the
most frequent underlying cause for breaches of sensitive
data to be hacking or malware-related attacks, with 37%
indicating insider compromise.
• Watch your DNS: While 42% of respondents report
conducting scans of their DNS infrastructures, only 19%
conduct regular scans on at least a weekly basis, with a
mere 9% scanning continuously. 58% of respondents do
not utilise DNS-based prevention/detection techniques at
all or are unaware whether they do.
Cherif Sleiman, vice president, EMEA at Infoblox, says: “The
study provides intelligence for enterprises in the Middle East
to take immediate action to protect against cyber threats
and breaches. One of the takeaways from the report is
for companies to consider insider threat and user access
compromise as two sides of the same risk coin. The key is to
leverage tools for manual classification and enable real time
warnings not just to alert users that they are engaging in
potentially dangerous activities, but to educate them as to
why these activities are dangerous and how to prevent such
actions in the future.”
Download report
Download the Sensitive Data at Risk Everywhere: The
SANS 2017 Data Protection Survey, which includes
recommendations for securing sensitive data.
Methodology
Participants for the study included more than 250 IT and
security administrators, engineers, IT managers, developers,
and privacy experts. n
“One of the takeaways from
the report is for companies to
consider insider threat and
user access compromise as two
sides of the same risk coin.”
www.intelligentcio.com