FireEye Releases Mandiant M-Trends 2018 Report

Organizations across the globe are quicker than before at identifying attacker activity themselves

MILPITAS, CA – April 4, 2018 – FireEye, Inc. (NASDAQ: FEYE), the intelligence-led security company, today released the Mandiant® M-Trends® 2018 report. The report shares statistics and insights gleaned from Mandiant investigations around the globe in 2017.

The key findings include:

  • Organizations which can detect breaches are doing so faster – In 2016, the median duration between the start of an intrusion and it being identified by an internal team was 80 days, but in 2017 it decreased to 57.5 days. This shows that organizations appear to be getting better at discovering breaches internally, rather than being notified by law enforcement or another outside source. The global median dwell time before any detection —external or internal— rose to 101 days in 2017, from 99 in 2016.
  • Once a target, always a target – FireEye data provides evidence that organizations which have been victims of a targeted compromise are likely to be targeted again. Global data from the past 19 months found that 56 percent of all FireEye managed detection and response customers which received incident response support were targeted again by the same or a similarly motivated attack group. Findings also show that 49 percent of customers with at least one significant attack were successfully attacked again within one year.
  • Cybersecurity skills gap, ‘the invisible risk’ – The demand for skilled cyber security personnel is continuing to rise, but the supply is not keeping pace. Industry research data by the National Initiative for Cybersecurity Education (NICE) and insights gained through FireEye engagements throughout 2017 point to the deficit getting worse over the next five years. These findings show that the main areas being affected by the skills gap are visibility and detection, and incident response. In both of these disciplines, a lack of expertise can cause costly delays in dealing with malicious activity.

“FireEye has seen organizations make gains in their response to breaches in some areas, such as their ability to detect intruders, but they still face a number of challenges,” said Chris Nutt, Managing Director of Mandiant at FireEye. “Many companies face campaigns waged by multiple threat actors in the aftermath of a compromise, and the skills shortage in cyber security makes these challenges even greater.”

A full copy of the Mandiant M-Trends 2018 report is available for download.

About FireEye, Inc.

FireEye is the intelligence-led security company. Working as a seamless, scalable extension of customer security operations, FireEye offers a single platform that blends innovative security technologies, nation-state grade threat intelligence, and world-renowned Mandiant consulting. With this approach, FireEye eliminates the complexity and burden of cyber security for organizations struggling to prepare for, prevent, and respond to cyber attacks. FireEye has over 6,600 customers across 67 countries, including more than 45 percent of the Forbes Global 2000.

© 2018 FireEye, Inc. All rights reserved. FireEye, Mandiant and M-Trends are registered trademarks or trademarks of FireEye, Inc. in the United States and other countries. All other brands, products, or service names are or may be trademarks or service marks of their respective owners.


Kate Patterson, 408-321-4957


Dan Wire, 415-895-2101