Cybersecurity's Maginot Line: A Real-world Assessment of the Defense-in-Depth Model

The study gets its title from France’s famed Maginot Line — the technically impressive 940-mile border defense that Germany simply bypassed with a novel blitzkrieg style of warfare. Like the Maginot Line, today’s cyber defenses are fast becoming a relic in today’s threat landscape. Organizations spend billions of dollars every year on IT security. But attackers are easily outflanking these defenses with clever, fast-moving attacks.

Key findings include:

  • Nearly all (97 percent) organizations had been breached, meaning at least one attacker had bypassed all layers of their defense-in-depth architecture.
  • More than a fourth of all organizations experienced events known to be consistent with tools and tactics used by advanced persistent threat (APT) actors.
  • Three-fourths of organizations had active command-and-control communications, indicating that attackers had control of the breached systems and were possibly already receiving data from them.
  • Even after an organization was breached, attackers attempted to compromise the typical organization more than once per week (1.59) on average.