Woburn, MA – May 2, 2023 — Kaspersky’s recent analysis of incidents reported to their Managed Detection and Response (MDR) service customers revealed that Security Operations Center (SOC) analysts discovered more than three high-severity incidents with direct human involvement every day in 2022. The growing sophistication of human-driven attacks was cited as the primary cause for the spike in incidents.
### Root Causes and Impacts
The analysis found that outsourcing to external expert specialists provided an efficient solution for companies looking to address expertise gaps among IT security professionals. The “MDR Report” revealed that such attacks require an extensive amount of time for investigation and that adversaries use a variety of techniques.
Of the high-severity incidents detected, approximately 30% were associated with Advanced Persistent Threats (APTs), 26% accounted for malware attacks, and just over 19% resulted from “ethical hacking.” The remaining incidents resulted from the successful use of social engineering techniques or were linked to insider threats.
Such attacks usually require a bigger team to investigate, taking longer to detect and resolve. According to Sergey Soldatov, head of security operations center at Kaspersky, “To detect these attacks efficiently, we recommend that companies implement comprehensive threat hunting practices combined with classic alert monitoring.”
### Recommendations for Companies
For greater protection from advanced attacks, Kaspersky suggests companies should:
– Deploy a solution that combines detection and response capabilities and helps identify threats without involving additional in-house resources.
– Provide their SOC team with access to the latest threat intelligence and ensure in-depth visibility into cyber threats targeting their organization.
– Provide their staff with essential cybersecurity knowledge to reduce the likelihood of targeted attacks.
– Implement expert Incident Response training to improve the expertise of their in-house digital forensics and incident response team.
### Conclusion
The extensive report shows that sophisticated, human-driven cyber attacks continue to grow and require more resources to be investigated. As the threat landscape remains complex and ever-evolving, it is crucial for companies to keep their cybersecurity strategy up-to-date and their team members aware of the latest threats.
Kaspersky’s deep threat intelligence and security expertise is constantly transforming into innovative solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. It is essential for companies to stay vigilant and make sure that their security posture is ready to withstand such attacks.
The full Kaspersky Managed Detection and Response Analyst Report 2022 is available here.