Gatewatcher unveils research into advanced persistent threats

Pan-European report shows lack of network visibility tops concerns.

  • Friday, 12th May 2023 Posted 1 year ago in by Phil Alsop

Gatewatcher has launched its inaugural analysis of the pan-European, advanced persistent threat (APT) landscape. Drawing on responses from of 300 IT decision-makers across the UK, France and Germany, the report highlights the main fears faced by organisations and the solutions they use to address the challenges of APT threats. Conducted by Vanson Bourne, the research reveals a worrying lack of visibility into networks that exposes organisations to cyber risks and large-scale disruptions that can inflict substantial losses.

 

APT threats: An awareness of the technological challenge

 

The survey shows a clear awareness of APT threat detection with more than 9 in 10 currently looking for APTs. When asked about their attitudes and the main obstacles they face in their fight against these threats, 25% of respondents currently seek to detect and discover APTs but face challenges identifying the method of entry.  A further 21% face challenges supporting the technology.

 

These concerns are within the context of APTs being addressed within the organization - the study also revealed that just under 1 in 5 (19%) currently outsource their protection against APTs to a managed service provider (MSP) or managed security service provider (MSSP). 

 

APT: lack of visibility as a risk factor

 

When asked to address the specific issues surrounding APTs and how they might compromise the security posture or their organisation, just under half (47%) of respondents identified a lack of visibility throughout the network as a key factor, whilst a further 40% disclosed a lack of the necessary skills within their security teams.

 

A further 35% also mentioned gaps in current endpoint provision and nearly a third (30%) cited false positive and the subsequent alert fatigue as a source of security compromise. Reflecting the increased awareness of the importance of securing the supply chain, 29% identified third-party subcontractors that are connected to an organisation’s systems as a source of APT threat.

 

Security Challenges Ranking: Perception gaps

 

The survey also identifies six security challenges[2] ranked by perceived risk level. Across all three markets, the cybercrime threat of individual bad actors, such as independent black hats, hacktivists or script kiddies is seen as the most pressing cyber security challenge faced by organisations, identified by 54% of respondents.

 

The study also points to differences in perception between British, French, and German decision-makers. In France, data loss tops the list of concerns (65%), while the threat from independent hackers is the top concern in Germany and the UK (62% and 52% respectively). Ransomware is also the second biggest concern for German IT decision makers (52%), compared to 47% and 43% in France and the UK.

 

 

NDR: a future solution to APTs

 

When asked to detail the technology portfolio used against APTs, Endpoint Detection & Response (EDR) was the most present, cited by nearly two-thirds (62%) of respondents.  This was followed by firewalls (57%) and then a very close third and fourth between Security Information and Event Management (SIEM) and Network Detection and Response (NDR) with 56% and 55% respectively.

 

The emergence of NDR solutions in fourth place illustrates the growing need for IT decision-makers to have visibility across the entire IT network and to protect themselves against large-scale threats, with potentially catastrophic impacts.  

 

" Gatewatcher's Cyber Threat Barometer - our monthly, active monitoring and Cyber Threat Intelligence solution -, provides an overview of cyber threats, including the evolution of certain advanced persistent threats - but this is only the thin end of an extremely dangerous wedge," says Philippe Gillet, CTO of Gatewatcher. He adds: "By providing a snapshot of APT threats and challenges, this study conducted by Vanson Bourne aims to contribute to the constructive search for solutions for the future. The results are encouraging: it shows us that businesses are still relying heavily on endpoint protection, whilst recognising that it is visibility across the network that is now needed to address APTs. As recent examples have shown, these advanced attacks exhibit patience and strategic thinking.  As such, it is time to evolve and adapt our approach to the threat landscape and see APTs as the new normal in cybersecurity. This will mandate network technologies that offer high visibility of threats hidden in the network and represent an essential lever for strengthening the cybersecurity posture of businesses.’’