Data breaches - inadequate response from the vast majority

Tripwire has published the results of an extensive Tripwire study conducted by Dimensional Research. The study evaluated key challenges that organizations must address in order to optimize their cyber security and compliance programs. Study respondents included over 500 IT security professionals.

  • 8 years ago Posted in
According to Tripwire’s study, only one in four respondents said their organizations have the technology needed to effectively detect and respond to a serious data breach. In addition, 39 percent of respondents said that after statistics are collected it takes their security teams days or weeks to correlate the data and security alerts from their security tools.
Despite growing IT budgets, many organizations still lack the resources, visibility and threat intelligence needed to rapidly and accurately respond to data breaches. The 2016 SANS Incident Response Survey found that 65 percent of its respondents see a skills shortage as an impediment to incident response efforts.
“Opportunities for automation are key to maintaining operational effectiveness when organizations are faced with a skills shortage that won’t be alleviated quickly,” said Tim Erlin, senior director of IT security and risk strategy at Tripwire. “Using the tools at hand to prioritize alerts can save precious time in responding to an incident. Putting the right contextual data at the analyst’s fingertips can allow one person to simply get more done in a shorter period of time.”
Additional findings from the survey included:
  • Twenty-one percent of respondents said their security teams are able to correlate data and security alerts from their security tools in near real time.
  • Twenty percent of respondents said more than half of the security tools in their organizations are integrated enough to exchange data.
  • Only 3 percent of respondents said their organizations outsource security responses to experts.
Erlin continued: “Information sharing is a key defensive strategy for most companies. In order to protect an organization effectively, it’s incredibly valuable to know how other, similar organizations are being attacked or breached.”
Research shows ‘game needs to be changed,’ with security innovation years behind that of the...
73% of organizations lack automated patch management, and 62% experienced incidents involving...
Quest Software has signed a definitive agreement with Clearlake Capital Group, L.P. (together with...
Dell EMC PowerProtect Cyber Recovery for AWS provides a fast, easy-to-deploy public cloud vault to...
Aqua’s cloud native application protection platform becomes the only solution that protects cloud...
54% of organisations working on a security transformation project now or in the next 12 months.
Node4 has released its Mid-Market IT Priorities Report 2021. The independent report reveals that...
Zscaler Zero Trust exchange cloud-based architecture enables superior green security capabilities...