Cyber-Attacks: A Failure to Detect, Investigate
86% of respondents say it takes too long to detect a cyber-attack.
85% say they suffer from the inability to prioritize alerts as they arrive.
74% say poor or no integration between security products hinders their response capabilities.
Too many alerts from too many point solutions hinder investigations, according to 61% of respondents.
66% of respondents say determining the root cause of prior incidents helps them strengthen defenses, but 38% say finding the root cause could take a year.
41% of respondents say they would never be able to identify the cause of security events with certainty.
59% of respondents say they cannot efficiently and effectively use integrated threat intelligence with their security products.
40% of respondents say none of their security products support imported threat intelligence from elsewhere.
86% of respondents rate the investigation of mobile devices as difficult.
54% of respondents say they cannot or are unclear about how to find sensitive data, like trade secrets and personally identifiable information, on mobile devices.
Says Craig Carpenter, Chief Cyber Security Strategist at AccessData, “Companies need an incident resolution platform that doesn’t just integrate alerts from myriad point solutions, but makes intelligence actionable and automates significant current portions of the incident response process.”