2014 Global Threat Intelligence Report Now Out

The new NTT Group Global Threat Intelligence Report has just been published with some very interesting statistics and good recommendations for organizations to renovate their security in light of the ever growing threat from malware, botnets, web application attacks etc. Although it does not directly report on e-mail security it highlights the need to stop malware from entering an organization to begin with.

NTT Report

Key findings from the report:

  • 43% of incident response engagements were the result of malware against a particular end point. Significant factors in these engagements were missing basic controls, such as anti-virus, anti-malware and effective lifecycle management.
  • Research indicates anti-virus fails to detect 54% of new malware collected by honeypots.
  • An open environment such as education has the lion’s share (42%) of malware events.
  • 77% of organizations supported during incident response activities had no incident response plan. It is disturbing most organizations have little to no investment in defining and validating (through effective testing) a plan to help navigatecritical incidents and minimize damage to their systems, their customers and their brand.
  • Distributed Denial of Service (DDoS) attacks accounted for 31% of incident response engagements.
  • Botnet activity accounted for 34% of events observed in 2013. The primary targets of healthcare, technology and finance, accounted for 60% of observed
    botnet activity. This reflects how much these industries rely on the use and flow of information and how dependent they are on maintaining application security for business continuity.

Although there are multiple entry points for malware to enter an organization, e-mail is one that is particularly vulnerable because it replies on the prudence of the e-mail recipient not to be taken advantage of by spoofing and phishing attacks. Technology like Envelope-Content Splitting­® now exists to eliminate spoofing and it is the responsibility of the organization to use it to reduce the threat both internally and with its customers and partners.