Global Survey Finds 71% of Cloud Users Suffered up to Seven Malicious Account Takeovers in Last Year

Gap between attacker and defender capabilities is widening
Vectra AI
2021-03-18 06:00 798

SINGAPORE, March 18, 2021 /PRNewswire/ -- Vectra AI, a leader in network detection and response (NDR), today released its global survey of 1,112 security professionals working in mid to large sized organisations using Microsoft Office 365. The results confirm that the COVID-19 pandemic has accelerated cloud migration and digital transformation among 88% of companies and that 71% of Microsoft Office 365 deployments have suffered an account takeover of a legitimate user's account, not once, but on average seven times in the last year. 

The fact that three in four companies have experienced malicious account takeover attacks may explain why over 60% of Asia Pacific respondents believe the gap between the capabilities of attackers and defenders is widening.

The challenges faced by defenders also mirror findings of the last Spotlight Report which tracked the behaviour of four million Microsoft Office 365 customers over 90 days. Account takeovers were on the top of the list of methods used by attackers to move laterally between the cloud and network. The report also found that 71% of customers showed suspicious Office 365 Power Automate behaviors.

Chris Fisher, Director of Security Engineering APJ for Vectra says, "Eighty percent of Singaporean survey respondents indicated their organisation's cybersecurity risk had increased in the last 12 months to February 2021. As a result of increased Microsoft Office 365 usage during COVID-19, their main security concern is now the risk of data being comprised and the ability for hackers to hide their tracks by using legitimate Microsoft tools, such as Power Automate and e-Discovery."

In terms of 2021 threats, 48% of Singaporean respondents expect to see a continuation of identity-based attacks on authorised users. When it comes to improving their security posture in 2021, more Singaporean companies are planning to invest more in people and technology.

Vectra's survey also revealed a high level of confidence among security teams in the effectiveness of their own company's security measures: nearly four in five claim to have 'good' or 'very good' visibility into attacks that bypass perimeter defences like firewalls. However the combined number one priority tool for investment within these companies is NDR (Network Detection and Response) followed by EDR (Endpoint Detection and Response) to help bolster their defenses.

How security professionals are currently allocating their focus was also reflected in Vectra's survey which found about 20% of team time is being spent on reactive investigations with a similar amount on proactive investigations.

"Not surprisingly, stress levels have increased among APAC respondents because of COVID-19," says Fisher. "The biggest frustration for those with security solutions appears to be a lack of integration with other solutions and the amount of time needed to manage them."

Fisher says cyber threats left unidentified can have huge financial and reputation repercussions as more attackers seek to exploit ongoing COVID-19 challenges across industries. "Entities need to focus on their networks and maintain good cyber hygiene to drive down the noise coming into security operation centres. How quickly an entity responds to a breach and identifies the attacks quickly and effectively will determine who succeeds in this fast-changing time," Fisher comments.

"Vectra delivers a demonstrably powerful enabler for security teams to achieve more, in compressed timeframes and ultimately protect and reduce business risk for their organisation," said Fisher. "The tremendous value of our AI-driven NDR platform, which combines advanced machine learning algorithms and insightful threat research, is evident in our growing number of new customers in the Asia Pacific region.

Other key findings from the report include:

  • IoT/Connected devices and identity-based attacks are the top two security concerns for 2021
  • 58% of businesses plan to invest more money in people and technology and 52% will invest in AI and automation in 2021
  • The biggest frustration with existing security solutions is the amount of time needed to manage them
  • The best thing about their roles as security professionals is the satisfaction of stopping attacks and protecting their companies, whilst frustration at end user's lack of understanding of cyber security remains the biggest frustration.

Download the full findings of the research here:, or read the companion blog and eBook.

Research Methodology:

The survey commissioned by Vectra was conducted among 1112 IT security decision makers in businesses securing Microsoft Office 365 deployments with more than 1000 employees, in the following industries: Government, Finance, Retail, Manufacturing, Healthcare, Education and Pharmaceutical. At an overall level results are accurate to ± 2.9% at 95% confidence limits assuming a result of 50%. The interviews were conducted online by Sapio Research in February 2021 using an email invitation and an online survey.

About Vectra

Vectra® is a leader in network detection and response -- from cloud and data center workloads to user and IoT devices. Its Cognito® platform accelerates threat detection and investigation using AI to enrich network metadata and cloud logs it collects and stores with the right context to detect, hunt and investigate known and unknown threats in real time. Vectra offers three applications on the Cognito platform to address high-priority use cases. Cognito Stream sends security-enriched metadata to data lakes and SIEMs. Cognito Recall is a cloud-based application to store and investigate threats in enriched metadata. And Cognito Detect uses AI to reveal and prioritize hidden and unknown attackers at speed. For more information, visit

Source: Vectra AI