Carbon Black Quarterly Incident Response Threat Report
Photo Gallery
Carbon Black Quarterly Incident Response Threat Report
Additional Info
Job title of nominated professional (or team name) | Chief Cybersecurity Officer (Tom) & Communications Content Lead (Ryan) |
Company (where nominated professional or team is working) | Carbon Black |
Website | https://www.carbonblack.com |
Company size (employees) | 1,000 to 4,999 |
Country | United States |
Headquarters Region | North America |
Overview
Carbon Black has one of the most robust incident response (IR) partner programs in the industry with more than 60 IR partners around the world. In an effort to gauge the current attack landscape and to quantify the latest attack trends seen by these leading IR firms, Carbon Black introduced the Quarterly Incident Response Threat Report (QIRTR) in 2018.
This report aggregates both qualitative and quantitative input from Carbon Black IR partners (who participate in one incident response engagement per day on average) and provides key insight to industry leaders on how the attack landscape is shifting. The QIRTR reports were widely covered in the news and gave security practitioners deeper insight into threats they face everyday.
Among the key findings from the 2018 QIRTR reports:
– China and Russia remain responsible for nearly half of all cyberattacks.
– Destructive attacks are on the rise. IR firms said that victims experienced destructive attacks 32% of the time.
– Over half of IR firms encountered instances of attempted counter incident response.
– Half of today’s attacks leverage “island hopping,” whereby attackers target organizations with the intention of accessing an affiliate’s network.
Accomplishments
1) Industry insight and thought leadership: Beyond aggregating geopolitical attack trends, the QIRTR seeded multiple terms in 2018 that have quickly become ubiquitous, including lateral movement, island hopping and counter incident response. As a result, the QIRTR reports were Carbon Black's most downloaded assets in 2018.
2) Widespread media coverage - The QIRTR was widely covered by mainstream and cybersecurity media, giving security professionals a deeper look and understanding of threats their organizations face.
3) Helping innovation in the industry - Insights from the QIRTR and its accompanying research have helped developers build stronger cybersecurity products and features that help create more advanced visibility into modern threats seen in the QIRTR reports.