Homepage Bench PR newsroom
Register as BUSINESS Register as PR AGENCY Register as JOURNALIST

VMware Carbon Black ‘2020 Cybersecurity Outlook’ Report Reveals Evolving Attacker Behaviours, Relationship Dynamics Between IT and Security Teams

Announcement posted by Bench PR 27 Feb 2020

  • Modern attacks are increasingly leveraging evasive behaviours to circumvent legacy security solutions; ransomware has a resurgence  
  • Industry survey finds collaboration between IT and security teams is a top priority amidst growing tension and staffing concerns 


    Sydney, 27 February, 2020 – VMware, Inc. (NYSE: VMW), a leading innovator in enterprise software, today released the VMware Carbon Black “2020 Cybersecurity Outlook” [1] report, which offers a holistic view at how attackers have evolved, what defenders are doing to keep pace and how security and IT teams can work together in 2020 and beyond. 

     

Using the MITRE ATT&CK™ framework as the backdrop for the Section I of the research, the report uncovers the top attack tactics, techniques, and procedures (TTPs) seen over the last year and provides specific guidance on ransomware, commodity malware, wipers, access mining and destructive attacks.  

 

In Section II of the report, VMware Carbon Black collaborated with Forrester Consulting on a 624 person survey (IT / security manager and above, including CIOs and CISOs) to explore the current state of IT and security relationship dynamics from the C-level to the practitioner level, and how these will evolve. 

 

Among some of the key findings from the report: 

 

  • Attacker behaviour continues to become more evasive, a clear sign that attackers are increasingly attempting to circumvent legacy security solutions. Defense evasion behaviour was seen in more than 90 percent of the 2,000 attack samples we analysed. 

 

  • Ransomware has seen a significant resurgence over the past year. Defense evasion behaviours continue to play a key role with ransomware (95 percent of analysed samples). These ransomware attacks are heavily targeting organisations in energy, government and manufacturing sectors, suggesting that ransomware’s resurgence has been a nefarious byproduct of geopolitical tension.

 

  • Wipers continue to trend upward as adversaries (including Iran) began to realise the utility of purely destructive attacks.

 

  • IT and security teams appear to be aligned on goals (preventing breaches, efficiency, incident resolution) but 77.4 percent of survey respondents said IT and security currently have a negative relationship, according to our study conducted with Forrester Consulting.

 

  • 55 percent of survey respondents said driving collaboration across IT and security teams should be the organisation’s top priority over the next 12 months, according to our study conducted with Forrester Consulting.

 

  • More than 50 percent of survey respondents said that both security and IT will share responsibility for key areas like endpoint security, security architecture and identity/access management over the next three to five years, according to our study conducted with Forrester Consulting.[2]

 

For a  full look at the key findings and to download the full report, click here.

 

“Defenders must stop thinking about how to achieve results on their own. Defenders must continue to build bridges with IT teams. The time for cooperation is now. We can no longer afford to go at this problem alone. We need IT teams to look toward security solutions that are built in and not bolted on. It’s time for security to become part of our organisational DNA. It’s time security becomes intrinsic to how we build, deploy and maintain technology,” said Rick McElroy, one of the report’s authors. 

 

About VMware

VMware software powers the world’s complex digital infrastructure. The company’s cloud, networking and security, and digital workspace offerings provide a dynamic and efficient digital foundation to customers globally, aided by an extensive ecosystem of partners. Headquartered in Palo Alto, California, VMware is committed to being a force for good, from its breakthrough innovations to its global impact. For more information, please visit https://www.vmware.com/company.html

 

VMware, Carbon Black, Service-Defined Firewall, and NSX are registered trademarks or trademarks of VMware, Inc. or its subsidiaries in the United States and other jurisdictions. This article may contain hyperlinks to non-VMware websites that are created and maintained by third parties who are solely responsible for the content on such websites.

 

 

(1) ‘2020 Cybersecurity Outlook Report’ – a VMware Carbon Black research project. Using the MITRE ATT&CK™ framework as the backdrop for the Section I of the research, the report uncovers the top attack tactics, techniques, and procedures (TTPs) seen over the last year and provides specific guidance on ransomware, commodity malware, wipers, access mining and destructive attacks. In Section II of the report, VMware Carbon Black collaborated with Forrester Consulting on a 624-person survey (IT / security manager and above, including CIOs and CISOs) to explore the current state of IT and security relationship dynamics from the C-level to the practitioner level, and how these will evolve.

 

(2) Source: a commissioned study conducted by Forrester Consulting on behalf of VMware, January 2020

 

# # #

 

Media Contacts

Michelle Bong

BENCH PR

Phone: +61 422 966 013

michelle@benchpr.com.au