The Ivanti Threat Thursday Update for August 31, 2017: Mo’ Surveys, Mo’ Problems…

Greetings. The latest security-related research findings from Microsoft and RiskIQ offer much food for thought — and concern. Please feel free to share any opinions, reactions, suggestions, or tips evoked by those findings. Thanks in advance.

Microsoft: Attacks on Cloud-Based Accounts Up 300 Percent

Microsoft has released Volume 22 of its semi-annual Security Intelligence Report. Based on intelligence gathered from users of Microsoft Windows, Office 365, and Azure in more than 100 countries, the report provides findings that are both interesting and disturbing.

  • As reported by TechRepublic, according to Microsoft’s report, “there was a ‘300 percent increase in Microsoft cloud-based user accounts attacked year-over-year.’ The attacks on cloud services can be traced to all countries of the world, but in the case of Azure specifically, some 35% originated in China, with another 32% coming from the United States.”
  • According to a Microsoft infographic based on the report, “A large majority of these compromises are the result of weak, guessable passwords and poor password management, followed by targeted phishing attacks and breaches of third-party services.”
  • To reduce vulnerability to these and other threats, Microsoft recommends that enterprise users “not work in public Wi-Fi hotspots” and regularly update their operating systems and applications. Enterprises should also educate users about the risks of credential compromise, and enforce security policies that control and limit access to corporate networks and sensitive data.

What We Say: Microsoft’s recommendations align closely with those of multiple respected cybersecurity authorities, including the U.S. National Institute of Standards and Technology (NIST) the Center for Internet Security (CIS), and the National Cyber Security Centre (NCSC) in the UK. Your enterprise must patch server and client operating systems and applications, and control users’ applications, devices, and admin privileges. Those measures must be augmented by frequent, timely back-ups of critical data, and rapid, effective remediation of compromised systems. Technologies that accomplish these goals must be combined with tools and processes that educate and inform users about how they can best improve cybersecurity, for themselves and the enterprise. (See “Infected by Ransomware—Now What? and “User Education for Cybersecurity: Yes, It’s Worth It.”)

Survey: Cybersecurity Spending to Increase — But Confidence Remains Low

Digital threat management solution provider RiskIQ announced release of the 2017 State of Enterprise Digital Defense Report. The study is based on a survey of 465 IT information security decision makers in U.S. and UK, conducted by IDG Connect. The survey results are more concerning than calming.

  • “According to respondents, an average of 40 percent of organizations experienced five or more significant security incidents in the past 12 months.”
  • “68 percent of respondents express no to modest confidence to manage digital threats.”
  • “70 percent of respondents have no to modest confidence in reducing their digital attack surface.”
  • Almost one-quarter of respondents from healthcare and pharmaceutical companies (24 percent) expressed “little to no confidence in their ability to assess digital risk.”
  • More than half of all respondents “expect their near-term digital defense investment to increase between 15 to 25 percent or higher.” However, only 31 percent expressed “high confidence in the likelihood that their organizations can mitigate or prevent digital threats.”
  • “Across [all surveyed] industries, an average of 35 tools are employed to thwart web, social, and mobile threats.”

What We Say: More spending on cybersecurity does not automatically mean more or better cybersecurity. For maximum business value, that spending must be on solutions that offer both immediate protections and the ability to evolve along with threats and attacks. Those solutions must also support comprehensive discovery, reporting, and analytics. These features can help you and your team to know, show, and tell as much as possible about your environment, your threats, and the value to your enterprise of its cybersecurity investments. (See “Your Threats Are Evolving. Are Your Defenses?” and “Reporting: The Sports Journalism of IT.”)

Ivanti: Your Partner for Cybersecurity Confidence

You, your colleagues, and your enterprise need cybersecurity solutions that offer effective protection and demonstrable benefit, today and tomorrow. Ivanti has the solutions you need. And through September, you can get select combinations of Ivanti cybersecurity offerings at discounts of up to 30 percent.

Check out the offer details. Get free trials of our patch management solutions. Investigate our solutions for defending against and remediating malware attacks, and for control of user applications, devices, and admin rights. See how we help ease, speed, and improve IT reporting and analytics. Then, contact Ivanti. Let us work with you to improve the effectiveness and business value of your cybersecurity investments. And keep up with those rapidly evolving cybersecurity threats and responses to them with our Patch Tuesday and Threat Thursday updates.