The SANS 2023 Attack and Threat Report

According to this year’s SANS Attack and Threat Report, the single most important factor enabling successful attacks in 2022 was the attackers’ use of reusable credentials, mostly obtained via phishing techniques. Healthcare Information and Management Systems’ (HIMSS) research has found that 27% of SOCs receive up to one million alerts per day. It’s no surprise that security teams are overwhelmed.

In The SANS 2023 Attack and Threat Report, SANS analysts think proactive defense is the solution. What does that look like? Well, some key components of building an effective proactive defense model include:

• Building security into cloud-native applications and modern development processes
• Moving to memory-safe coding languages
• Automating time-consuming processes like compliance reporting and alert prioritization, to allow resources—both budgets and skills—to be focused on complex, high-risk areas
• Establishing team skills in threat hunting and purple teaming
• Working with stakeholders across the enterprise to ensure that security is a prime factor in the selection of supply chain partners (40% of breaches in 2022 were via a supply chain partner)

Download the SANS report to learn more about the top cyberattacks facing enterprises today.