Cyber-Attacks: A Failure to Detect, Investigate

By Karen A. Frenkel  |  Posted 03-27-2014

The failure to detect cyber-attacks and investigate them puts companies and their CISOs' jobs (and, of course, CIOs' jobs) at "significant risk," according to a new Ponemon Institute study. The report, "Threat Intelligence and Incident Response: A Study of U.S. and EMEA Organizations," was sponsored by AccessData Group. The study surveyed 1,083 CISOs and security technicians about how their companies respond after a cyber-attack. The survey also asked what would help respondents more successfully detect and remediate such attacks.

"It's readily clear from the survey that incident response [IR] processes need to incorporate powerful, intuitive technology that helps teams act quickly, effectively and with key evidence so their companies' and clients' time, resources and money are not lost in the immediate aftermath of the event," says Ponemon Institute chairman and founder Larry Ponemon.

When CEOs and boards of directors request a briefing from the security team after an attack, 65 percent of respondents say the briefing would be purposely modified, filtered or watered down, according to the report. Furthermore, 78 percent of respondents believe most CISOs would make a best guess based on limited information, take premature action, and report, contrary to fact, that the problem had been resolved.

To read the full report (subscription required), click here.

Karen A. Frenkel writes about technology and innovation and lives in New York City.

