Tripwire has announced the results of an extensive study conducted by Dimensional Research which found that only one in four respondents said their organisations have the technology needed to effectively detect and respond to a serious data breach.
In addition, 39 percent of respondents said that after statistics are collected, it takes their security teams days or weeks to correlate the data and security alerts from their security tools.
The study also evaluated key challenges that organisations must address in order to optimise their cyber-security and compliance programs. The response to the study included over 500 IT security professionals.
Despite growing IT budgets, many organisations still lack the resources, visibility and threat intelligence needed to rapidly and accurately respond to data breaches.
The 2016 SANS Incident Response Survey found that 65 percent of its respondents see a skills shortage as an impediment to incident response efforts.
“Opportunities for automation are key to maintaining operational effectiveness when organisations are faced with a skills shortage that won't be alleviated quickly,” said Tim Erlin, senior director of IT security and risk strategy at Tripwire.
“Using the tools at hand to prioritise alerts can save precious time in responding to an incident. Putting the right contextual data at the analyst's fingertips can allow one person to simply get more done in a shorter period of time,” Erlin added.
Additional findings from the survey included:
- Twenty-one percent of respondents said their security teams are able to correlate data and security alerts from their security tools in near real time.
- Twenty percent of respondents said more than half of the security tools in their organisations are integrated enough to exchange data.
- Only three percent of respondents said their organisations outsource security responses to experts.
Erlin concluded: “Information sharing is a key defensive strategy for most companies. In order to protect an organisation effectively, it's incredibly valuable to know how other, similar organisations are being attacked or breached.”
