According to the Verizon Data Breach Investigations report (DBIR) of 2014, compromised credentials are now the most commonly-used threat action. Stolen credentials were the most prevalent method for breaking in networks. At the same time, compromising user accounts via phishing and social engineering techniques was the third-most used attacker tool.
The Verizon DBIR also shows how the discovery of such attacks seriously lags behind the attacks themselves. For example, when looking at the compromise of point-of-sale machines, 88% of the time the machine is compromised and data exfiltrated within seconds to minutes of network entry. Meanwhile, in 85% of the attacks, detection of that attack happens weeks after the breach itself.Worse still, in 13% of cases, it takes months to detect such an attack.
Download this free whitepaper to see how you can better detect malicious and compromised users across your network, cloud services, and mobile environments.