Our website uses cookies

Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing Infosecurity Magazine, you agree to our use of cookies.

Okay, I understand Learn more

SANS: Ransomware is Biggest Threat to Data Security

Ransomware and insider threats are the biggest security threats to data, according to a new SANS Institute study.

The poll of 257 IT and security administrators, engineers, managers, developers and privacy experts revealed nearly half had experienced at least one insider threat and ransomware infection in their organization over the previous 12 months.

Denial of service attacks came a close third in terms of top threats.

Over three-quarters (78%) reported facing two or more threats to their data in the past year, with 12% experiencing a breach. Nearly half (48%) of breaches resulted in exfiltration of data.

Interestingly the most common data sought by hackers in these attacks was user credentials and privileged account information.

“This shows how highly attackers prize access data,” said Sean Tierney, director of threat Intelligence at Infoblox, which sponsored the report. “It’s proving more desirable to them than sensitive data being targeted for financial gain or destruction because it opens the door to significantly more exploitation opportunities.”

The biggest challenge for organizations in achieving the balance between sensitive data protection and availability was a lack of staffing and resources (31%), closely followed by enforcing policy across the lifespan of data.

Worryingly, 59% of respondents claimed to still be relying on manual processes to identify sensitive assets.

Tierney claimed these organizations are exposing their networks and customer data to targeted attacks.

“In order to counter the chances of compromise, they must know how data should flow and design an in-depth defense strategy to secure assets like user IDs, credentials, roles and directories,” he added. “Automating network processes helps uncover sensitive data in previously unknown areas of the network. It frees up time for IT admins to perform more important, high-level tasks.”

What’s Hot on Infosecurity Magazine?