Businesses in the EMEA countries are on rocky turf with regard to cybercrime. Even as the region's cybersecurity product market is set to grow at a 7.2 percent CAGR with the EU’s General Data Protection Regulation goals, security concerns seem to be on an upward trend.
FireEye’s first Mandiant M-Trends EMEA Report talks about a high disparity in mean dwell times. Organizations in the region have recorded a mean dwell time (the number of days an attacker can lurk undetected) that is 3 times the global average.
So what’s the problem here? Oftentimes, this is a case of a lack of visibility over the attack surface, points of entry and the possibility of lateral movement. We see dwell time as a definitive measure of resilience. In fact, this one metric alone is representative of how well the security strategy, policies, procedures and controls have been formulated. A fragmentary approach to forensic analysis is often the reason behind the adoption of obsolete security practices. But why wait for an intruder to get in? The situation necessitates threat modeling that can help in risk-aware security operations. Knowing where to look for footholds can greatly limit attack dwell times.
The report also talks about these organizations' reluctance to seek external guidance in detecting indicators of compromise. A decision to look for compromises by themselves means having to analyze large numbers of alerts – something that can be a mammoth task without the dexterity it takes to filter out false positives. Most often, organizations in the region are targeted by persistent threat groups who are after political intelligence, intellectual property, and brand image. Besides, the issue of recurring compromise suggests that the attackers in question are not ones to pull back easily. Closing a few obvious gaps will have no effect on their strongly motivated plans.
We observe a pronounced limitation in capabilities that can keep these attackers' advanced attacks out and stop malicious payloads in their tracks. Understandably, developing context-aware methodologies can take time and needs attuning. But what really reduces response times is a fundamental understanding of the scope of an incident. These organizations should seek fortification through objective reviews by external advisors and analysts.
EMEA organizations have a large gap to address in the light of mounting pressure from their governments to take control of data breaches – both by defending against them and containing the damage. The losses in billions of pounds suffered by some top UK brands last year bear testimony to the fact that businesses here cannot afford to fall behind in adopting progressive and continuous threat protection.
That said, advancing to sophisticated controls can be quite overwhelming in the absence of strategies both bespoke and mature.
Aleph Tav Technologies orchestrates security operations and threat discovery with flexibility and modularity so companies can progress unruffled.