Enterprise Cyberspace Threat Landscape: An Analysis

The ecosystem security platform described in this research is already impacting the threat spectrum in quantifiable ways. The global network has undergone a dramatic transformation over the course of 2020, with an unprecedented destabilization of events. Security breaches of all kinds are growing in complexity, sophistication, and impact. The bad actors are bypassing predictable security devices at will by breaching network systems at an escalating rate. This study will analyze these developments by creating awareness among security practitioners so they can be prepared to defend their enterprise systems.

Ecosystems need solutions that detect both signature-based and signature-less attacks in real time and remediate them automatically. Defensive security tools have built-in algorithms that scan objects in real time to ascertain the type of digital signature that is at play.

Literature Review
References [22][23][24][25], among others, in their report, noted that adversaries focused their tradecraft and custom malware on managed service providers. However, they concluded that the average ransomware financial request during 2020 was significant. Our study created awareness of ransomware threats to the ecosystem.
References [26][27][28][29], among others, cited that the new normal of working from home is adding to the problem for cyber-spies. Our study narrated the malware families that could pose as potential actors in the cyber war.
References [30,31], in their report, noted that several of the enterprise systems were unprepared as they faced situations in which they had to migrate their entire workforce to a work-from-home environment. The study concluded that the deficiency in contingency planning exposed many organizations to potential vulnerabilities and misconfigurations that threat actors could have easily leveraged to score breaches, exfiltrate data, or even generate additional profit by extorting vulnerable companies.
References [32,33], in their study, stated that chaos rampaged the security landscape as the COVID-19 pandemic exploded in 2020. This put tremendous pressure on cybersecurity platforms. The study concluded that the pandemic exposed challenges in organizations' preparedness for remote work. Our study narrated why cyber professionals should be concerned.
References [34,35], among others, noted that the legacy approach of protection against adversaries is simply not up to the task any longer. This is because enterprise systems need breakthrough solutions to defend their networks. Their study concluded that a unified endpoint security solution is an approach to alleviate today's ever-increasing cybersecurity requirements.
Recent studies [36,37] noted that cybercrime damages will cost the world approximately $6 trillion annually by the end of 2021, and that this number was up from $3 trillion projected in 2015. The studies conclude that companies can no longer afford to wait before addressing essential security remedies.
In other studies [38], they narrated that ninety-seven percent of organizations have experienced a breach, but only a small segment believe they can effectively deal with these intrusions. The studies summarized that enterprise systems need to know what to protect and where to bolster their platforms.
Reports from [39] revealed in 2016 that cyberattacks increased by 48 to 54 percent globally during 2017, and that the speed of attacks since then has continued to increase exponentially.
Other studies reported by [40], among others, found evidence that malware infections have plagued organizations and users for years and are growing stealthier and increasing in number by the day. They summarized that security experts have created commercial antivirus (AV) protection and have actively researched better ways to detect malware.

Methodology
To pilot-test the network-security concerns, the authors developed, distributed, and collected responses from survey questionnaires at a network-security business professional conference in Washington in 2019.
The survey population comprises professionals who publish research findings and work in their respective fields. These are experts with an extensive history in teaching and the business world. We distributed survey data to senior IT professionals from midmarket (100 to 999 employees) and enterprise-class (1,000 employees or more) organizations. The survey questionnaires were distributed to 366 attendees. The number completed and returned was 250. Overall, we consider these as an equitable representative random population. Most of the survey items were Likert scale types, yes/no responses or categorical, ordinal items, gender, ranks of personnel, etc.
The study conducted a survey of 23 questions covering a range of security issues that are of importance and of concern to IT and security administrators in small and medium-sized businesses (SMBs). The questions were designed and conducted to obtain a snapshot of the state of security issues in SMBs and to confirm issues that have been raised in other security studies.

Data Analysis/Results
In order to establish the relationship between respondents' attitude and their role in industry, it was necessary to break down the research into a series of hypotheses as listed below:
1. Is there a relationship between the perceptions of threat to endpoint security when compared to the use of transform software to search the network for malware?
2. Do network scanning tools have an impact on the global threat to cybersecurity?
3. How much confidence do the respondents have when there is a threat of an imminent cyber-attack on the organization?
4. How strongly does the threat of an imminent cyber-attack influence the confidence that male respondents have in their organization's endpoint security posture?
5. How strongly does the threat of an imminent cyber-attack influence the confidence that female respondents have in their organization's endpoint security posture?
6. How strongly does the threat of an imminent cyber-attack influence the confidence that Executives have in their organization's endpoint security posture?
Tests were also performed to determine if there was any difference based on the gender of the respondents.
Hypothesis I: H0: There is no correlation between how endpoint security has changed in the past 12 months when contrasted with the use of threat transform software to search the network for malware.
H1: There is correlation between how endpoint security has changed in the past 12 months when contrasted with the use of threat transform software to search the network for malware.
H0: = 0 H1: ≠ 0

Conclusion:
In general, there does not appear to be any correlation between how endpoint security has changed in the past 12 months when contrasted with the frequency of the use of threat transform software to search the network for malware. However, the correlation between the frequency of use of threat transform software and recent changes in endpoint security (0.104) can be said to be somewhat more substantial than the rest of the variables.
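The following is an added worked example, not part of the original study, that tests a correlation of 0.104 against a null of zero correlation using the Fisher z-transform. It assumes a Pearson-type coefficient computed on all 250 returned questionnaires and a 5% significance level; the paper states neither the estimator nor the per-test sample size, and the function names are illustrative.

```python
import math
from statistics import NormalDist

_STD_NORMAL = NormalDist()  # standard normal, mean 0 and sd 1


def fisher_z_test(r, n, alpha=0.05):
    """Two-sided test of 'true correlation is zero' via the Fisher z-transform.

    r is the sample correlation and n the number of paired responses
    (assumed here; the paper does not report n per test).
    """
    if not -1.0 < r < 1.0:
        raise ValueError("r must lie strictly between -1 and 1")
    if n <= 3:
        raise ValueError("n must exceed 3 for the Fisher approximation")
    se = 1.0 / math.sqrt(n - 3)          # standard error on the z scale
    zr = math.atanh(r)                   # Fisher transform of r
    z = zr / se                          # test statistic under the null
    p = 2.0 * (1.0 - _STD_NORMAL.cdf(abs(z)))
    zc = _STD_NORMAL.inv_cdf(1.0 - alpha / 2.0)
    ci = (math.tanh(zr - zc * se), math.tanh(zr + zc * se))
    return {"z": z, "p": p, "ci": ci, "reject_h0": p < alpha}


def min_detectable_r(n, alpha=0.05):
    """Smallest |r| that would be significant at level alpha with n pairs."""
    zc = _STD_NORMAL.inv_cdf(1.0 - alpha / 2.0)
    return math.tanh(zc / math.sqrt(n - 3))


if __name__ == "__main__":
    result = fisher_z_test(0.104, 250)   # 0.104 from the text, n assumed
    print(result)
    print("threshold |r| at n=250:", round(min_detectable_r(250), 4))
```

Under these assumptions the confidence interval for the correlation spans zero, and a coefficient would need to exceed roughly 0.124 in magnitude to be significant with 250 responses.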
Hypothesis II: H0: There is no correlation between how respondents perceive groups that pose the greatest cybersecurity threat to global business and the utility of network scanning tools in mitigating threats to their organization.
H1: There is a strong positive correlation between how respondents perceive groups that pose the greatest cybersecurity threat to global business and the utility of network scanning tools in mitigating threats to their organization.

Conclusion:
Respondents who find HijackThis especially useful in mitigating threats to the organization are more likely to regard contractors as the ones that pose the greatest threat to their organization. This is true regardless of the gender or status of the respondent.
Hypothesis III: H0: The confidence that respondents have in their organization's endpoint security posture does not depend on the likelihood that their organization will be compromised by a successful cyberattack within one year.
H1: The confidence that respondents have in their organization's endpoint security posture is a function of the likelihood that their organization will be compromised by a successful cyberattack within one year.
H0: b_i = 0 H1: b_i ≠ 0, where i = Maltego, Autopsy, Virus Total Public, FireEye Sight Intelligence, Shodan, and Zero Fox Transform. Respondents whose organizations use Maltego as their threat hunting transform software seem to have more confidence in the organization's endpoint security posture.
Hypothesis IV: H0: Male respondents have little confidence that their organization's endpoint security posture is strongly influenced by the belief that their organization will soon be compromised.
H1: The confidence that male respondents have in their organization's endpoint security posture is strongly influenced by the belief that their organization will soon be compromised.

Conclusion:
The confidence that male respondents have in their organization's endpoint security posture is strongly influenced by the belief that their organization will soon be compromised.
Hypothesis V: H0: Female respondents have little confidence that their organization's endpoint security posture is strongly influenced by the belief that their organization will soon be compromised.
H1: The confidence that female respondents have in their organization's endpoint security posture is strongly influenced by the belief that their organization will soon be compromised. In addition to the confidence female respondents have that their organization's endpoint security posture is strongly influenced by the belief that their organization will soon be compromised, they also believe that it is strongly influenced by the frequency of the use of Maltego as a threat hunting transform software.
Hypothesis VI: H0: IT Executive respondents have little confidence that their organization's endpoint security posture is strongly influenced by the belief that their organization will soon be compromised.
H1: The confidence that IT Executive respondents have in their organization's endpoint security posture is strongly influenced by the belief that their organization will soon be compromised. Conclusion: IT Executives do not believe that their confidence in their organization's endpoint security posture is contingent upon the likelihood of an imminent threat on their organization.
Hypothesis VII: H0: Male Executive respondents have little confidence that their organization's endpoint security posture is strongly influenced by the belief that their organization will soon be compromised.
H1: The confidence that Male Executive respondents have in their organization's endpoint security posture is strongly influenced by the belief that their organization will soon be compromised.

Conclusion:
The confidence that male executive respondents have in their organization's endpoint security posture is strongly influenced by the belief that their organization will soon be compromised.

Scenario 2G: What impact do v005-011 have on v004 For FEMALE EXECUTIVE respondents?
Hypothesis VIII: H0: Female Executive respondents have little confidence that their organization's endpoint security posture is strongly influenced by the belief that their organization will soon be compromised.
H1: The confidence that Female Executive respondents have in their organization's endpoint security posture is strongly influenced by the belief that their organization will soon be compromised.

Conclusion:
The confidence that female executive respondents have in their organization's endpoint security posture is contingent on both their rating of the Maltego threat hunting transform software, and their belief in the likelihood of an imminent cyberattack.

Overall Conclusion
This work introduces the ecosystem threat landscape, which has evolved to the point where enterprise systems are under constant cyberattack from adversaries. The "new normal" effects of the 2019 pandemic exacerbated attacks, forcing enterprise systems to update their training and awareness security programs. Employees now work remotely from home, thereby enabling adversaries to expand their attack vectors to include online infrastructures and services that were previously shielded, as well as company endpoints that are situated away from the corporate network. In this study, we explored breaches occurring in the cyberspace landscape and the attack strategies used by various adversaries. The study also highlighted different types of architecture and detection schema.
This study recommends that organizations employ the Blue Team and Red Team philosophies as mitigation strategies. Instituting the Blue Team philosophy involves enterprise systems setting up a platform for detecting adversaries and preventing them from breaking into the organization's infrastructure. This strategy includes identifying breaches swiftly, limiting the spread of infection by confining it to the system it entered through, and successfully stopping the attacks in their tracks. Security Onion is the recommended tool. It offers full packet capture for both network-based and host-based intrusion detection schema. Instituting the Red Team philosophy involves setting up an enterprise systems platform for protecting sensitive data by ensuring the enterprise systems are operating from a healthy security posture. Enterprise systems will be able to identify and assess vulnerabilities, test assumptions, view alternate options for attack, and reveal the limitations and security risks for the organization. This tool will enable security teams to conduct advanced penetration tests with ease.
The study recommends using deep learning, artificial intelligence, and machine learning technologies to detect anomalies. Because massive amounts of data are generated on a regular basis, businesses will be able to analyze and identify new insights faster than the competition.

Implication for Practitioners and Researchers
In the future, when anomalies, malicious code, or malware are identified and analyzed, the output from a PCAP, Wireshark, or a VirusTotal engine should be fully leveraged. The goal is to spot the difference between abnormal and normal in an intrusion schema and prevent any infection from spreading to other parts of the network.

Funding Statement:
The authors received no specific funding for this study.

Conflicts of Interest:
The authors declare that they have no conflicts of interest to report regarding the present study.