Less than one-quarter (23 percent) of organizations are capable of responding effectively to a cyberincident, while 77 percent have no capability to respond to critical incidents and often buy support services only after an incident.

That’s accordingly to Solutionary’s annual Global Threat Intelligence Report. It analyzes attacks, threats and trends from the previous year, pulling information from 24 security operations centers, seven R&D centers, 3.5 trillion logs, 6.2 billion attacks and nearly 8,000 security clients across six continents. Solutionary is an NTT Group company.

Rob Kraus, Solutionary’s director of security research and strategy, tells Channel Partners the findings can help drive IT security and decision makers to better choices for protecting infrastructure against threats. There are tactical recommendations that can help reduce impact by disrupting the attacker’s momentum, he said.

“One of the most obvious challenges identified in the report is organizations’ lack of preparedness to effectively handle cybersecurity incidents,” he said. “Threat mitigation and incident response are core to organizations’ survivability and resiliency, but organizations are not making it a priority to invest in these areas.”

Spear phishing attacks accounted for approximately 17 percent of incident response activities supported in 2015. In many cases, the attacks targeted executives and finance personnel with the intent of tricking them into paying fraudulent invoices.

The report tracked an 18 percent increase in malware detected for every industry other than education. NTT clients from the education sector tended to focus less on the more volatile student and guest networks, but malware for almost every other sector increased.{ad}

Some 22 percent of all incident-response engagements originated from the retail vertical-market client base with the finance vertical coming in a close second at 18 percent, according to the report. Nearly 21 percent of vulnerabilities detected in client networks were more than three years old.

With an average of 128,000 attacks per day, those on server message block (SMB), NetBios and Samba were the highest volume attacks detected on the NTT Group global honeynet.

All of the top 10 vulnerabilities targeted by exploit kits during 2015 are related to Adobe Flash, according to the report. In 2013, the top 10 vulnerabilities targeted by exploit kits included one Flash and eight Java vulnerabilities. That has changed as …

{vpipagebreak}

… new Java vulnerabilities have dropped steadily since 2013. The number of publicized Flash vulnerabilities jumped by almost 312 percent over 2014 levels.

“The opportunities for the channel to incorporate solutions certainly exist,” Kraus said. “Whether it be specific solutions or more tactical and strategic in nature, there are plenty of takeaways for the IT channel to leverage. Application of a focused approach to mitigation, including tactical and strategic planning for nurturing security capabilities, is probably the best bet overall. In other words, don’t plan your security around what you can accomplish with next year’s budget, but partner with your CFO and executive teams to develop the road map for the next three to five years. Mitigation is not a single battle, it’s a long term war that needs to be fought as such.”

In a separate survey, NTT Communications reports that not only is Shadow IT a current challenge for chief information officers, but the problem is set to get worse over the next two years.

Based on research of 500 decision makers across IT and lines of business from the United Kingdom, France, Spain and Germany in March, almost three in four (73 percent) of respondents claim they find it difficult to manage their organization’s cloud platforms. Also, 77 percent claim that departments within their organization have commissioned a cloud service without involving the IT department.