FireEye Releases First Mandiant M-Trends EMEA Report
EMEA organizations not up to the challenge of stopping advanced threats; dwell time three times longer than global average
MILPITAS, Calif. – June 16, 2016 – FireEye, Inc. (NASDAQ: FEYE), the leader at stopping today's advanced cyber attacks, today announced the release of the first Mandiant® M-Trends® EMEA report. M-Trends EMEA drills down into the statistics collected during investigations conducted in EMEA by Mandiant’s leading consultants in 2015 and details leading cyber trends and tactics threat actors used to compromise businesses and steal data.
Some of the key findings include:
Organizations in EMEA took three times longer to detect a compromise
The mean dwell time (time between compromise and detection) in the region was 469 days versus a global average of 146 days.
EMEA businesses can’t rely on local agencies to receive a
notification of compromise
Only 12% of the observed compromises of organizations in EMEA were detected by an external source. This is a huge disparity with global figures, where external sources accounted for 53% of detections globally. Whilst, through necessity, EMEA organizations discovered breaches themselves 88% of the time, EMEA average dwell time (469 days) would suggest this often came too late.
Many organisations in EMEA were re-compromised within months of
an initial breach
Unsuitable techniques to hunt for attacks within an environment often resulted in a failure to understand the true scope of the incident. Mandiant consultants found many EMEA organizations still opting for a traditional forensic methodology, only analysing a handful of machines, and subsequently increasing the risk of becoming re-compromised.
“With threat actors targeting EMEA organizations with a multitude of motives from strategic intelligence to media impact and brand damage, concerns around advanced cyber threats have swiftly spread from the IT department up to the boardroom,” said Bill Hau, Vice President of Mandiant Security Consulting Services, FireEye. “The majority of organizations need to move away from the traditional methodology of responding to incidents as otherwise the dwell time will not decrease at a fast enough rate. This, coupled with the fact that some EMEA governments are at various levels of maturity with their national CERT or local law enforcement mandate has resulted in businesses being under tremendous pressure to detect threats themselves and, according to our statistics, they simply have not been quick enough to do so. From our observations, there are clearly some stark contrasts between EMEA and the rest of the world, which boardrooms in the region need to address.”
About FireEye, Inc.
FireEye has invented a purpose-built, virtual machine-based security platform that provides real-time threat protection to enterprises and governments worldwide against the next generation of cyber attacks. These highly sophisticated cyber attacks easily circumvent traditional signature-based defenses, such as next-generation firewalls, IPS, anti-virus, and gateways. The FireEye Threat Prevention Platform provides real-time, dynamic threat protection without the use of signatures to protect an organization across the primary threat vectors and across the different stages of an attack life cycle. The core of the FireEye platform is a virtual execution engine, complemented by dynamic threat intelligence, to identify and block cyber attacks in real time. FireEye has over 4,700 customers across 67 countries, including more than 730 of the Forbes Global 2000.
FireEye, Mandiant and M-Trends are registered trademarks or trademarks of FireEye, Inc. in the United States and other countries. All other brands, products or service names are or may be trademarks or service marks of their respective owners.
+44 777 377 3373