Bangalore, January 29, 2020: CrowdStrike, a leader in cloud-delivered endpoint protection, has releasd e CrowdStrike Services Cyber Front Lines Report which provides valuable takeaways from the front lines of incident response (IR) cases spanning 2019 and shares insights that matter for 2020 and beyond.
The report identifies new attack methods and challenges, while offering recommendations for organizations looking to improve overall breach preparedness, detection and response capabilities.
The Report offers all-encompassing investigative analysis into IR investigations in multiple countries, regions and industry sectors, and references the MITRE ATT&CK™ framework, offering best practices for organizations looking to improve cyber defenses. It reveals that over the course of 2019, 36% of the incidents that Services investigated were most often caused by ransomware, destructive malware or denial of service attacks, revealing that business disruption was often the main attack objective of cyber criminals. Another notable finding in the report shows a large increase in dwell time to an average of 95 days in 2019 — up from 85 days in 2018 — meaning that adversaries were able to hide their activities from defenders for longer, and that organizations still lack the technology necessary to harden network defenses, prevent exploitation and mitigate cyber risk.
Other notable findings from include:
The report found that organizations that meet the 1-10-60 benchmark — detect an incident in one minute, investigate in 10 minutes and remediate within an hour — are improving their chances of stopping cyber adversaries. However, the 2019 CrowdStrike Global Security Attitude Survey found that the vast majority of organizations struggle to meet the 1-10-60 standard.
Beyond the 1-10-60 benchmark, the report offers guidance on remaining protected against today’s ever-evolving threat landscape, including integrating next-generation endpoint security tools and proactive strategies to strengthen cyber posture. Innovative tools and tactics such as machine learning, behavioral analytics and managed threat hunting teams help uncover cyber criminal behavior and motivations, while also preventing incidents from turning into breaches