BTB Industry Report Scorecard: FireEye Mandiant M-Trends Report

M-Trends Report

Every year cybersecurity solution vendors release reports citing their take on the latest industry trends and threats.  Some of these reports are insightful and useful while others are thinly disguised marketing pieces.  We considered releasing one of our own but, rather than adding to our readers’ to-do lists, we decided to take some burden off your shoulders and provide a crib notes review of these releases.  With our Industry Report Scorecard series, we take key cybersecurity industry reports and boil them down into easy-to-read, quick-hitting summaries of the best information, key trends and top takeaways that we believe are actionable and productive to helping business leaders better manage their security posture throughout their organization.

M-trends REPORT

Here we dive into FireEye Mandiant’s M-Trends Report. This report is based on in-depth knowledge and observation, offering actionable recommendations that, when properly applied, can provide more effective prevention against, and detection of, attacks. The authors also do a good job of explaining and defining concepts such as multi-faceted extortion. While the piece is quite long at 83 pages, it is a useful source of information particularly in regard to identifying threat actors, their motivations, and ransomware trends. Our scorecard highlights key findings such as:

  • A relatively small subset of ATT&CK techniques were employed in over 95% of intrusions, hardening your systems against known threat actions is key to thwarting the bulk of attacks.

  • Double extortion is a popular tactic, with perpetrators first using ransomware to infiltrate a network to steal sensitive information and then threatening the victim with exposure if they don’t pay the ransom.

  • Malware remains largely proprietary- 78% of the malware used in observed breaches is not publicly available.

In addition to analyzing the report and its findings, we also provide our own recommendations on how you can protect your organization against ransomware attacks and improve your security posture overall.  Simple solutions such as awareness training, vulnerability and patch management solutions, penetration testing, and deploying successful monitoring can all make a significant difference to your risk of attack. And, as always, pay special attention to privilege management.

View our scorecard for a full analysis of the report, key takeaways, and recommended steps to mitigate your organization’s risk of falling victim to a successful ransomware attack.

Contact Us

Related Posts