25% of Orgs Can Detect, Respond to a Breach

Wednesday, December 14, 2016 @ 02:12 PM gHale

Only 25 percent of security professionals think their organization has the technology needed to effectively detect and respond to a serious data breach, a new survey said.

In addition, 39 percent of survey respondents said after statistics end up collected it takes their security teams days or weeks to correlate the data and security alerts from their security tools according to a Tripwire Inc. study conducted by Dimensional Research. The study evaluated key challenges that organizations must address in order to optimize their cyber security and compliance programs. Study respondents included over 500 IT security professionals.

RELATED STORIES
Phishing Site Longevity Shrinking
Big Jump in Per Day Malware Detected
Flash Player Tops Exploit Kit Attacks
Android Attacks Set to Rise: Report

Despite growing IT budgets, organizations still lack the resources, visibility and threat intelligence needed to rapidly and accurately respond to data breaches.

The 2016 SANS Incident Response Survey found 65 percent of its respondents see a skills shortage as an impediment to incident response efforts.

“Opportunities for automation are key to maintaining operational effectiveness when organizations are faced with a skills shortage that won’t be alleviated quickly,” said Tim Erlin, senior director of IT security and risk strategy at Tripwire. “Using the tools at hand to prioritize alerts can save precious time in responding to an incident. Putting the right contextual data at the analyst’s fingertips can allow one person to simply get more done in a shorter period of time.”

Additional findings from the survey included:
• 21 percent of respondents said their security teams are able to correlate data and security alerts from their security tools in near real time.
• 20 percent of respondents said more than half of the security tools in their organizations are integrated enough to exchange data.
• Only 3 percent of respondents said their organizations outsource security responses to experts.

“Information sharing is a key defensive strategy for most companies,” Erlin said. “In order to protect an organization effectively, it’s incredibly valuable to know how other, similar organizations are being attacked or breached.”

Click here to download the Tripwire results.



Leave a Reply

You must be logged in to post a comment.