Despite the rise and increasing severity of cyber attacks, 75 percent of organizations across all sectors aren’t confident in their capability to effectively detect or respond to a data breach, according recent survey of frontline information technology professionals.
Meanwhile, more than half (57 percent) of IT professionals surveyed in a separate report said they only had a general idea or no idea at all how long it would take their automated tools to detect an intrusion on their networks.
The surveys were commissioned by Tripwire, a security and complacence organization that polled more than 500 IT pros in one and 763 in the other.
Having a lack of confidence in a cybersecurity system means it’s likely to fail; however, overconfidence in a system can foster just as much risk. IT professionals in financial services seem to have been hit by such overconfidence: 87 percent said it would take “minutes or hours” for their tools to detect an intrusion, but 60 percent also admitted they didn’t know or only had a vague idea of how long it would take to remove an authorized device from their networks. Ninety-two percent of financial IT professionals believe their scanning tools would generate an alert with minutes or hours of discovering an unauthorized device, but 77 percent acknowledged that those tools routinely miss 20 percent or more of the devices on the network.
Delivering actionable information is critical if an organization is going to defend its networks; quickly identifying intrusions is vital so that appropriate responses can be launched before significant harm is done. Attackers appear to have the distinct advantage: In 2014, they were allowed to roam free in compromised networks for a median of 205 days.
Combating cyber attackers requires a multifaceted approach of staff and tools. And it’s expensive: In 2012, organizations wanting to achieve a level of security capable of repelling 95 percent of attacks would have to increase spending from an aggregate of $5.3 billion to $46.6 billion. All that money spent on security tools doesn’t do much good if they can’t “talk” to each other, yet only 3 percent of IT professionals surveyed said all their systems were integrated enough to exchange data. Just one-fifth of those surveyed said 50 percent of their systems could exchange data.
When the data is collected, 39 percent said it could take security teams “days or weeks” to finally correlate and analyze the results. Another 37 percent said they don’t even bother to correlate the findings at all. Just over 20 percent said such correlation happens in near real-time.