Tech Leaders Enlist Analytics to Fight Cyber-Crime
By Karen A. Frenkel
62% of surveyed IT professionals said traditional security approaches result in too many alerts and false positives for them to handle.
Security analytics ranked at the top for perceived value when compared to total cost of ownership. 57% of IT professionals would implement security analytics to acquire unique or specialized data for context.
Of IT professionals already using security analytics, 95% are confident that they can detect a security concern before it has a significant impact.
70% of respondents said they either have an investment in security analytics, or would make an investment if they had sufficient resources.
Security analytics ranked second-to-last in deployment for the second year in a row.
Provides unique or specialized data for context: 57%; data flexibility and adaptability: 36%; better data correlation and fidelity for creating responses: 36%; lowering false positives: 29%; a way to reduce incident response time: 29%.
The top five reasons for using security analytics are:
1. Providing highly actionable intelligence/context for incident prioritization.
2. Providing data aggregation and correlation.
3. Improving long-term trend or anomaly analysis.
4. Enhancing or accelerating post-incident forensics.
5. Enhancing breach or compromise (incident) response.
Asked what they wanted most out of a tool that accelerated breach detection, 39% of respondents said they seek better trend analysis and anomaly detection to reduce false positives.
62% of respondents see too many false positives and have too many alerts to handle, shaking their confidence that security protections are in place.
38% of respondents do not feel confident about security because there is too much uncorroborated data and little context about that data.