Analysis of global defense-in-depth architectures

Attackers are bypassing conventional security deployments almost at will, breaching systems in a wide swath of industries and geographies. That’s the stark conclusion of new data gathered by more than 1,600 FireEye network and email sensors deployed in real-world networks.

With a unique point to observe how existing security products perform in detecting advanced threats, they concluded that signature-based firewalls, intrusion prevention systems, Web gateways, sandboxes, and anti-virus solutions – and various combinations of those tools – allowed about 27 percent of companies to be breached by advanced attacks.

“As we have seen over the last year, when just one advanced attack slips past the existing defenses of companies, it can have both a costly and debilitating impact that takes months to repair,” said Dave DeWalt, chairman of the board and CEO, FireEye.

Key findings:

• 100 percent of retail organizations involved in the study were breached, with 17 percent of breaches consistent with advanced threats.
• 91 percent of entertainment and media organizations were breached during the study, with 18 percent of breaches consistent with advanced threats.
• 100 percent of participants in the agriculture, auto/transportation, education, and healthcare/pharmaceutical industries were breached during the study.
• Over one-fourth (27 percent) of all organizations experienced breaches known to be consistent with tools and tactics used by APT actors.
• The aerospace/defense industry was the most secure of the study, with 76 percent of organizations involved being compromised.