Combating threats and attacks from a wide variety of attack types and surfaces has become the number one priority for CISOs, according to new research from MIT Sloan in participation with Attivo Networks.

The research titled The Cybersecurity Landscape: Challenges and How to Overcome Them, focused specifically on CISOs, CIOs and other security executives attitudes and responses during the COVID-19 pandemic, and shows that priorities have changed with the shift to remote working.

With more people working from home, attacks that disrupt services or use credential theft are top concerns, along with the need to protect cloud architectures and critical access resources like Active Directory, the study finds.

Furthermore, executives are prioritising security investments that help them fight disruption of service and ensure compliance.

A significant concern is ransomware, in part because business continuity and maintaining uptime are of utmost importance to keep operations running. In fact, nearly all respondents cited disruption/ransom as being their most significant concern.

Indeed, attackers are targeting items of high value to secure ransom payments and this is now driving the highest area of investment among respondents.

When asked about priorities to address in the next 12 months, more than 70% of the respondents chose detecting unknown and known attacks, detection across attack surfaces, and insider threats.

Compliance and regulatory requirements followed by cloud mitigation were the second and third ranked areas of concern driving security investments.

At the same time, ensuring supply chain partners are as secure as possible is increasingly vital to executives since their customers hold the company responsible for any breach, even if a supplier is responsible for it.

As a result, executives are increasingly seeking solutions that help them understand and minimise vulnerabilities from insider and supplier threats, the study shows.

Almost 80% of respondents listed Active Directory security as a top priority for attention and investment. Active Directory is a primary target for attackers since it gives access to so much of an organisations systems.

The survey also found that organisations have strong expansion plans for endpoint and remote site security due to the onset of remote working and the issues associated with VPN split-tunnelling.

Overall, businesses continue to struggle with reducing dwell time and their efficiency in responding to incidents. Recent reports still show average dwell time in days or months rather than minutes.

The majority of respondents value deception technology for its comprehensive threat detection, highlighting the technology's ability to detect any attack vector across any attack surface without relying on known behaviours or signatures. Following closely behind in value is deceptions ability to enable faster triage.

Traditional IPS/IDS and EPP/EDR tools rank highly. What is noticeable is that deception ranked as one of the top two or three detection tools for combating lateral movement, Advanced Persistent Threats (APTs), ransomware and insider threats. prevent those attacks.

Attivo Networks SVP of sales and customer success Sarah Ashburn, says, “Much of this year's research indicates a continued demand for in-network detection that works reliably across existing and emerging attack surfaces and is effective against all attack vectors.

“Our customers tell me that deception provides the easiest way to do gap analysis and in real-time see how dirty their network is. They also see the types of attacks present and the types of technologies needed to prevent those attacks.