Attackers Continue to Access Valuable, Sensitive Data According to Poll Co-Sponsored by Guidance Software

Cyber attackers are continuing to have access to valuable, sensitive data, such as login and access credentials, according to the Third Annual SANS Endpoint Security Survey conducted by SANS Institute and co-sponsored by Pasadena-based Guidance Software.

“Cybercriminals are constantly looking for ways to infiltrate a company’s network to steal valuable data. The longer they remain undetected, the greater the damage they can inflict,” Ken Basore, SVP of Product Engineering at Guidance Software, said. “This survey highlights the need for 360 degree visibility into an organization’s endpoints and for an aggressive, proactive approach to security.”

SANS surveyed 829 IT professionals around the globe to explore how they monitor, assess, protect and investigate their endpoints. A majority of respondents, 34 percent, were security analysts. Sixteen percent of the respondents were security managers or chief information security officers, and about 15 percent were IT managers or CIOs.

While 44 percent of respondents said that their endpoint systems have been compromised within the last 24 months, 15 percent reported that they didn’t know how many threats were detected through proactive hunting. For the second year in a row, more than a quarter of respondents were notified of a breach by a third party.

Forty-one percent of the respondents said they were not able to acquire information about unauthorized sensitive data that they need to detect threats. An additional 39 percent said they are unable to acquire endpoint data from memory-based artifacts, while 33 percent were unable to access data on finger print running applications.

A majority of professionals, about 74 percent, want results from endpoint queries in an hour or less and 38 percent want that data in five minutes or less.

Sixty-five percent of respondents said that determining the impacted data on breached endpoints and determining the scope of a threat across multiple endpoints was impossible. With this very limited visibility into the impact of a breach, an organization’s ability to remediate the damage will likewise be limited.

The complete survey results will be discussed in greater detail in a two-part webcast titled, “SANS 2016 Endpoint Security Survey Part 2: Can We Say Next-Gen Yet?” on Friday, March 18 at 1 p.m. Eastern. “How Close We Are to Having Next-Gen Capabilities” will be covered on March 19 at 1 p.m. Eastern.

For more information, visit www.sans.org.webcasts/101805.