According to Tripwire’s study, only one in four respondents said their organizations have the technology needed to effectively detect and respond to a serious data breach. In addition, 39 percent of respondents said that, after statistics are collected, it takes their security teams days or weeks to correlate the data and security alerts from their security tools.
Despite growing IT budgets, many organizations still lack the resources, visibility and threat intelligence needed to rapidly and accurately respond to data breaches. The 2016 SANS Incident Response Survey found that 65 percent of its respondents see a skills shortage as an impediment to incident response efforts. “Opportunities for automation are key to maintaining operational effectiveness when organizations are faced with a skills shortage that won’t be alleviated quickly,” said Tim Erlin, senior director of IT security and risk strategy at Tripwire. “Using the tools at hand to prioritize alerts can save precious time in responding to an incident. Putting the right contextual data at the analyst’s fingertips can allow one person to simply get more done in a shorter period of time.”
Additional findings from the survey included:
- Twenty-one percent of respondents said their security teams are able to correlate data and security alerts from their security tools in near real time.
- Twenty percent of respondents said more than half of the security tools in their organizations are integrated enough to exchange data.
- Only 3 percent of respondents said their organizations outsource security responses to experts.
Erlin continued: “Information sharing is a key defensive strategy for most companies. In order to protect an organization effectively, it’s incredibly valuable to know how other, similar organizations are being attacked or breached.”