Only One in Four Organizations Can Detect A Hack

A new report from Tripwire, a security and compliance solutions provider, shows that only 25 percent of organizations have the technology in place to detect and respond to a hack or data breach.

The study surveyed more than 500 IT security professionals and analyzed the challenges organizations face. Results from the study were released Dec. 7, 2016.

Thirty nine percent of respondents said that after statistics are collected, it can take security teams days or even weeks to correlate the data and security alerts from their security tools. While IT budgets might be growing, “many organizations still lack the resources, visibility and threat intelligence needed to rapidly and accurately respond to data breaches.”

Basically, there’s a serious skills shortage at work. Results from the 2016 SANS Incident Response Survey back this up. That survey revealed 65 percent of its respondents see a skills shortage as an impediment to incident response efforts.

So what is a company to do?

The key lies in automation, according to Tim Erlin, senior director of IT security and risk strategy at Tripwire.

“Using the tools at hand to prioritize alerts can save precious time in responding to an incident,” Erlin said. “Putting the right contextual data at the analyst’s fingertips can allow one person to simply get more done in a shorter period of time.”

Additionally, information sharing between organizations is a key defensive strategy, according to Erlin.

“In order to protect an organization effectively, it’s incredibly valuable to know how other, similar organizations are being attacked or breached,” he said.

Additional findings from the survey, as detailed in the release, include:

  • Twenty-one percent of respondents said their security teams are able to correlate data and security alerts from their security tools in near real time.
  • Twenty percent of respondents said more than half of the security tools in their organizations are integrated enough to exchange data.
  • Only 3 percent of respondents said their organizations outsource security responses to experts.

 

Are you covered for identity theft?

Get Covered

Image: Pixabay