Only a Quarter of Firms Can Detect and Respond to Breaches

Only a quarter of organizations can effectively detect and respond to breaches, according to a new study from Tripwire.

The security software company hired Dimensional Research to poll 500 IT professionals on their key security and compliance challenges.

The largest share (32%) claimed that although they had the technology in place to detect breaches, they couldn’t effectively respond, and 29% said that while they have “a lot of technology,” they can’t reliably detect or respond to a serious breach.

The stats are borne out virtually every month as news of another major data breach hits the headlines.

In the past week or two alone we’ve heard news of a massive breach at video-sharing site Dailymotion, which exposed over 86 million accounts. It was also discovered that the details of around 380,000 users of porn site xHamster are being circulated on the dark web.

“Opportunities for automation are key to maintaining operational effectiveness when organizations are faced with a skills shortage that won’t be alleviated quickly,” said Tim Erlin, senior director of IT security and risk strategy at Tripwire.

“Using the tools at hand to prioritize alerts can save precious time in responding to an incident. Putting the right contextual data at the analyst’s fingertips can allow one person to simply get more done in a shorter period of time.”

However, only 21% of IT professionals said they could correlate data and security alerts from their security tools in near real time.

Erlin claimed info sharing is key to improving the organization’s security posture.

“In order to protect an organization effectively, it’s incredibly valuable to know how other, similar organizations are being attacked or breached,” he argued.

Organizations are still reluctant to share this kind of information, partly out of a belief that they’ll lose their competitive advantage.

However, it was recently revealed that the UK banking sector enacted contingency plans that enabled members to share crucial intelligence following the high-profile attack on Tesco Bank last month.

Source: Information Security Magazine