FinTech Magazine June 2020 | Page 55

“The most significant change over the last five or 10 years is the moving of significant amounts of information into the cloud”

— Tod Beardsley, Director of Research, Rapid7
For the first time in a Threat Report, Rapid7 has addressed the recommendations that its Managed Detection and Response (MDR) team identifies. This team currently identifies and stops 85% of threats within one hour of initiation and more than 90% within one day. “At first I thought the data was wrong on that,” says Beardsley. “We’re huge fans of the MITRE ATT&CK Enterprise Framework at Rapid7 because it really lets you lay out all the preconditions for an event, showing what attackers do to move from compromise, privilege escalation and lateral movement, through payload, execution and exfiltration of data. We’ve moved all of our detection and response to fit into the attack framework and, I don’t think this report should be about us patting ourselves on the back, but those figures are really good and impressive. I would say that, for a mature security organisation, 50% would be a good baseline, so the fact we’re hitting 90% is kind of shocking – in a good way.”
Conclusions from the Threat Report covered several areas. Based on the above, it should be little surprise that Rapid7 encourages all organisations to adopt the MITRE ATT&CK Enterprise Framework to guide threat prevention and response programmes. Other key recommendations included a greater focus on external footprint, the use of multiple threat detection methodologies and the augmentation