VMware has released the Carbon Black ‘2020 Cybersecurity Outlook’ report on Thursday, which has provided a holistic analysis of how attackers have evolved, what defenders have done to stay ahead of the curve and how security and IT teams can work together to enhance its protective software moving forward.
“We need IT teams to look toward security solutions that are built in and not bolted on. It’s time for security to become part of our organizational DNA. It’s time security becomes intrinsic to how we build, deploy and maintain technology,” said Rick McElroy, one of the report’s authors.
VMware utilized the MITRE ATT&CK framework to conduct Section I of the research. The report analyzed the top attack tactics, techniques, and procedures (TTPs) throughout 2019 and provided specific guidance on ransomware, commodity malware, wipers, access mining and destructive attacks.
In Section II of the report, VMware Carbon Black collaborated with Forrester Consulting on a 624-person survey, including IT and security managers, CIOs and CISOs to explore the current state of IT and security relationship dynamics from the C-level to the practitioner level, and how they will evolve.
The report revealed that attacker behavior has become more evasive, showing that attackers are increasingly attempting to circumvent legacy security solutions. Defense evasion behavior was seen in more than 90 percent of the 2,000 attack samples we analyzed.
Defense evasion behaviors have been continuously used in ransomware; the report found it was integrated in 95 percent of analyzed samples. These ransomware attacks are heavily targeting organizations in energy, government and manufacturing sectors.
VMware noted that IT and security teams generally share common goals, including preventing breaches, efficiency and incident resolution, but 77.4 percent of survey respondents said IT and security currently have a negative relationship. 55 percent of survey respondents said that fostering collaboration across IT and security teams should be the organization’s top priority.
Additionally, over 50 percent of survey respondents said that both security and IT will share responsibility for key areas like endpoint security, security architecture and identity and access management.
“Defenders must stop thinking about how to achieve results on their own. Defenders must continue to build bridges with IT teams. The time for cooperation is now. We can no longer afford to go at this problem alone,” added McElroy.
VMware software powers the world’s complex digital infrastructure. The company’s cloud, networking and security, and digital workspace offerings provide a dynamic and efficient digital foundation to customers globally, aided by an extensive ecosystem of partners. Headquartered in Palo Alto, California, VMware is committed to being a force for good, from its breakthrough innovations to its global impact.