FireEye Releases Mandiant M-Trends 2017 Report

Organizations around the globe are becoming better at detecting breaches, but there is still much work to do

MILPITAS, Calif. – Mar. 14, 2017 – FireEye, Inc. (NASDAQ: FEYE), the intelligence-led security company, today released the Mandiant® M-Trends® 2017 report. The report shares statistics and insights gleaned from Mandiant investigations around the globe in 2016, as well as specific to the EMEA and APAC regions. Additionally, the report includes insights from the FireEye as a Service™ (FaaS™) teams for the second consecutive year.

Some of the key findings include:

  • Organizations around the globe are becoming better are identifying breaches. The global median time from compromise to discovery has dropped significantly from 146 days in 2015 to 99 days in 2016.
  • Attackers are more sophisticated than ever before. State-sponsored actors continue to set a high bar for sophisticated cyber attacks, but some financial threat actors have caught up—making them difficult to detect, and challenging to investigate and remediate.
  • An unexpected trend observed in 2016 is attackers calling targets on the phone. They did this to convince victims to enable macros in a phishing document, or to get targets to provide a personal email address to circumvent controls protecting corporate accounts.
  • Defensive capabilities have been slow to evolve. A majority of both victim organizations and those working diligently on defensive improvements are still lacking fundamental security controls and capabilities to prevent breaches or minimize the damages and consequences of a compromise.
  • Organizations must adopt a posture of continuous cyber security, risk evaluation and defensive adaptation. If not, they stand to have significant gaps in both fundamental security controls and – more critically – visibility and detection of targeted attacks.

“The types of attacks we are seeing are familiar, but with increasing sophistication.  Determined attackers are extremely persistent and demonstrate increasing ingenuity in achieving their objectives. Organizations still need to focus on the fundamentals of IT Security,” said Chris Nutt, Managing Director, Mandiant, FireEye.

A full copy of the Mandiant M-Trends 2017 report is available here.

About FireEye, Inc.

FireEye is the intelligence-led security company. Working as a seamless, scalable extension of customer security operations, FireEye offers a single platform that blends innovative security technologies, nation-state grade threat intelligence, and world-renowned Mandiant consulting. With this approach, FireEye eliminates the complexity and burden of cyber security for organizations struggling to prepare for, prevent, and respond to cyber attacks. FireEye has over 5,600 customers across 67 countries, including more than 40 percent of the Forbes Global 2000.

© 2017 FireEye, Inc. All rights reserved. FireEye, Mandiant, M-Trends, FireEye as a Service and FaaS are registered trademarks or trademarks of FireEye, Inc. in the United States and other countries. All other brands, products or service names are or may be trademarks or service marks of their respective owners.