Encrypted attacks breach 70 percent of organizations
New research from Vectra AI finds 70 percent of organizations have fallen victim to an attack that used encrypted traffic to avoid detection, and 45 percent admit they've been victims more than once.
It's concerning that 66 percent say they don't have visibility into all their encrypted traffic, leaving them highly vulnerable to further encrypted attacks.
Cybersecurity and networking professionals are struggling with increasing workloads too, 45 percent feel threat detection and response workloads have increased, with 40 percent citing more resources in the cloud, and 36 percent more devices on the network.
The sophistication of threats has increased according to 37 percent, making it difficult for analysts to spot legitimate attacks. 69 percent agree that the lag between exploitation and detection gives attackers too much time to breach a network, with 29 percent also citing communication issues between SOC and other IT teams.
In addition 23 percent believe SOC analysts do not have the right level of skills, and 18 percent believe they're understaffed, suggesting security analysts are not equipped to deal with the scale of cyberattacks they face.
And this isn't just a problem for larger enterprises, 60 percent of SMBs feel threat detection and response is now harder -- showing smaller organizations are struggling to keep pace with the evolving cybercrime landscape
"Organizations face a barrage of threats on all fronts -- in their network, cloud and IT environments -- while cybercriminals use techniques like encryption to breach firms undetected. What's more, many don't have the skills or staff to deal with increasing security workloads," says Mark Wojtasiak, VP product strategy at Vectra. "To stem the tide against them, security teams need total visibility into their environments, so they can spot the signs of an attack before it becomes a breach. By empowering analysts with AI-driven Attack Signal Intelligence, organizations can prioritize otherwise unknown and urgent threats that pose the greatest risk to the business. This improves analyst throughput by reducing alert noise, and arms them to reduce risk and keep organizations safe."
The full report is available from the Vectra site.