Cyber-Attacks: A Failure to Detect, Investigate

 
 
By Karen A. Frenkel  |  Posted 03-27-2014 Email Print this article Print
 
 
 
 
 
 
 
 

The failure to detect cyber-attacks and investigate them puts companies and their CISOs' jobs (and, of course, CIOs' jobs) at "significant risk," according to a new Ponemon Institute study. The report, "Threat Intelligence and Incident Response: A Study of U.S. and EMEA Organizations," was sponsored by AccessData Group. The study surveyed 1,083 CISOs and security technicians about how their companies respond after a cyber-attack. The survey also asked what would help respondents more successfully detect and remediate such attacks. "It's readily clear from the survey that incident response [IR] processes need to incorporate powerful, intuitive technology that helps teams act quickly, effectively and with key evidence so their companies' and clients' time, resources and money are not lost in the immediate aftermath of the event," says Ponemon Institute chairman and founder Larry Ponemon. When CEOs and board of directors request a briefing from the security team after an attack, 65 percent of respondents say the briefing would be purposely modified, filtered or watered down, according to the report. Furthermore, 78 percent of respondents believe most CISOs would make a best guess based on limited information, take premature action, and report contrary to fact that the problem had been resolved. To read the full report (subscription required), click here.

 
 
 
  • Current Point Solution Approach to Cyber-Security Is Flawed

    86% of respondents say it takes too long to detect a cyber-attack.
    Current Point Solution Approach to Cyber-Security Is Flawed
  • Alerts Are Not Prioritized

    85% say they suffer from the inability to prioritize alerts as they arrive.
    Alerts Are Not Prioritized
  • Point Solutions Are Not Integrated Well

    74% say poor or no integration between security products hinders their response capabilities.
    Point Solutions Are Not Integrated Well
  • Many Alerts Paralyze Incident Response Efforts

    Too many alerts from too many point solutions hinder investigations, according to 61% of respondents.
    Many Alerts Paralyze Incident Response Efforts
  • Root Causes Remain Mysterious

    66% of respondents say determining the root cause of prior incidents helps them strengthen defenses, but 38% say finding the root cause could take a year.
    Root Causes Remain Mysterious
  • Two-Fifths of CISOs Resigned to Unknown Causes of Attacks

    41% of respondents say they would never be able to identify the cause of security events with certainty.
    Two-Fifths of CISOs Resigned to Unknown Causes of Attacks
  • Latest Indicators of Data Breach Largely Unusable

    59% of respondents say they cannot efficiently and effectively use integrated threat intelligence with their security products.
    Latest Indicators of Data Breach Largely Unusable
  • Importing Multiple Threat Intelligence Feeds Is Difficult

    40% of respondents say none of their security products support imported threat intelligence from elsewhere.
    Importing Multiple Threat Intelligence Feeds Is Difficult
  • Investigating Attacks on Mobile Devices

    86% of respondents rate the investigation of mobile devices as difficult.
    Investigating Attacks on Mobile Devices
  • Locating Trade Secrets on Mobile Devices

    54% of respondents say they cannot or are unclear about how to find sensitive data, like trade secrets and personally identifiable information, on mobile devices.
    Locating Trade Secrets on Mobile Devices
  • Incident Resolution Platform Recommended

    Says Craig Carpenter, Chief Cyber Security Strategist at AccessData, "Companies need an incident resolution platform that doesn't just integrate alerts from myriad point solutions, but makes intelligence actionable and automates significant current portions of the incident response process."
    Incident Resolution Platform Recommended
 
 
 
 
 
Karen A. Frenkel writes about technology and innovation and lives in New York City.

 
 
 
 
 
 

Submit a Comment

Loading Comments...
 
 
 
 
 
 
 
Thanks for your registration, follow us on our social networks to keep up-to-date