ReliaQuest, the leader in AI-powered security operations, published its Annual Threat Report, which reveals that attackers are moving at greater speed than ever before. Once inside networks, lateral movement can take as little as 27 minutes (48 minutes on average). Meanwhile, security operations are taking greater advantage of tools like AI and automation to speed up defenses, notably the rapidly growing power of agentic AI.

ReliaQuest customers using automated workflows in 2024 dramatically reduced their mean time to contain (MTTC) cyber threats to as little as 3 minutes, compared to 6.3 hours without automation.

Though attackers are moving faster, they’re still using tried-and-tested methods. Phishing remains the top initial access method. Nearly 30% of reported phishing emails now contain credential harvesters, which lay the groundwork for larger attacks like business email compromise. Enhanced by AI, credential harvesting emails now feature more polished language, fewer errors, and highly convincing designs, making them an increasingly effective and scalable weapon for cybercriminals. The more quickly attackers gain this access, the more quickly they can spread and do real damage to an organization.

“Time is the enemy in cybersecurity,” said Michael McPherson, ReliaQuest Senior Vice President of Technical Operations. “Attackers are moving faster than ever, which means our defenses must speed up as well. Manual responses are no longer sufficient to stop today’s threats. We have to take advantage of automation and AI to stay ahead. Agentic AI is now taking this even further and is capable of processing security alerts 20x faster than traditional methods with 30% greater accuracy at identifying true threats to the business.”

In addition to utilizing automation and AI, ReliaQuest’s research identified five other critical controls that security teams must address to avoid being exposed to threats. These are:

  • Improve detections – Insufficient monitoring or logging leaves parts of the system vulnerable, making it impossible to detect or investigate malicious activity.
  • Ensure all devices are monitored – Devices without security controls like endpoint protection or monitoring agents create security gaps, providing attackers with open pathways throughout networks.
  • Use secure VPNs – VPNs lacking essential protections like multifactor authentication (MFA) or device-based certificates allow attackers to exploit stolen credentials and gain network access.
  • Limit external exposure – Vulnerabilities in internet-facing devices serve as entry points for attackers to infiltrate the network.
  • Maintain vigilance around social engineering tactics, especially those targeting IT teams – Weak institutional controls make organizations easy targets for social engineering attacks, with 14% of breaches in 2024 involving social engineering for initial access or privilege escalation.

Source – businesswire