"Telemetry Gaps Leave Networks Vulnerable as Attackers Move Faster"

According to Sophos, telemetry logs are missing in about 42 percent of the attack cases studied. In order to hide their tracks, cybercriminals have disabled or wiped out the telemetry in 82 percent of these cases. Telemetry gaps lessen essential visibility into organizations' networks and systems, especially as attacker dwell time, which is the time from initial access to detection, continues to decrease, reducing the time defenders have to respond to an incident effectively. When responding to an active threat, time is critical because the further along the attack chain an attacker gets, the more difficult it is for responders. Missing telemetry only adds time to remediations, which most businesses cannot afford. This article continues to discuss key findings from Sophos' "Active Adversary Report for Security Practitioners."

Help Net Security reports "Telemetry Gaps Leave Networks Vulnerable as Attackers Move Faster"

Submitted by grigby1