A new analysis of data from 180 real-world penetration tests in enterprise organizations suggests that cybercriminals who manage to get a foothold on an internal network have an opportunity to then gain domain administrator access in more than three in four cases. But attacks on Internet-facing assets actually result in some kind of internal access only about 20% of the time because of the security controls that many organizations have implemented at the network perimeter.

Read full article on Dark Reading