Firms Struggle to Respond to Security Incidents
An organization's response in the first hours after a security incident can determine whether a cyber-attacker is caught—or even detected. In other words: You snooze, you lose. That makes the findings of the latest study from the Ponemon Institute, "Threat Intelligence & Incident Response," that much more disheartening. Ponemon, which conducted the research independently for security software provider AccessData, surveyed more than 1,000 IT and information security pros in the United States, Europe, the Middle East and Africa. The upshot of the research? Organizations are finding that their incident response technologies, threat intelligence and security staff's skill sets are all deficient in ways that undermine efforts to respond to cyber-attacks. "Building and managing a company's cyber-defense is very hard to get right because of insufficient funding, personnel shortages, organizational silos and complexity of enabling technologies," says Larry Ponemon, founder of the Ponemon Institute. "The attacker is getting smarter, is better funded and is operating in greater stealth." Following are 10 highlights culled from the report.