"Three-Quarters of CISOs Predict Another SolarWinds-Style Attack"

According to a new Splunk report, some 84% of global organizations have suffered a severe security incident over the past two years, and a majority are expecting another SolarWinds-style supply chain attack.  Researchers interviewed 535 security leaders in nine leading economies across multiple industries to compile its latest report called "The State of Security 2021".  Of the companies that were successfully attacked, email compromise (42%) was the most common incident, followed by data breaches (39%), mobile malware (37%), and DDoS (36%).  Over three-quarters (78%) of the participants expressed concern about more sophisticated supply chain attacks coming in the future.  The researchers also found that cloud complexity is emerging as a major threat to global organizations, with three-quarters (75%) of respondents already using multiple providers. Over half (53%) of the respondents claimed attacks had increased in this area during the pandemic, and 76% of the respondents claimed that remote workers are harder to secure.  Nearly 90% of participants already run a substantial number of their business-critical applications in the public cloud.  Two of the key challenges of securing cloud environments highlighted by respondents were maintaining and enforcing consistent policies (50%) and the complexity of using multiple security controls (42%).  The researchers are urging organizations to modernize their Security Operations Centers (SOCs) with new SIEM platforms and more automation, such as in user and entity behavior analytics (UEBA) and security orchestration, automation, and response (SOAR) tools.

Infosecurity reports: "Three-Quarters of CISOs Predict Another SolarWinds-Style Attack"