67% of security leaders lack visibility into access behaviour and lateral movement.

76% of organizations have at least one public-facing asset that enables lateral movement.

47% say that a challenge in securing and managing hybrid cloud is the lack of comprehensive insight and visibility across their environments, including lateral movement in East-West traffic.

DirectDefense mapped alerts to the MITRE ATT&CK® framework to identify the top five tactics. The top five tactics identified are: Initial Access, Persistence, Lateral Movement, Execution, and Credential Access.

For Lateral Movement, the most observed technique by DirectDefense is Valid Accounts, using stolen credentials to escalate privileges. Alerts triggered for Lateral Movement include: Lateral Movement – Local Credentials.

96% of attackers targeting energy and utilities sector relied on remote services to move laterally.