Firms Struggle to Respond to Security Incidents

By Tony Kontzer
  • Previous
    Weak Defense

    Weak Defense

    86% of respondents said incident detection takes too long., 60% said there are too many manual steps., 54% said investigating takes too long., 52% said remediating takes too long.

An organization's response in the first hours after a security incident can determine whether a cyber-attacker is caught—or even detected. In other words: You snooze, you lose. That makes the findings of the latest study from the Ponemon Institute, "Threat Intelligence & Incident Response," that much more disheartening. Ponemon, which conducted the research independently for security software provider AccessData, surveyed more than 1,000 IT and information security pros in the United States, Europe, the Middle East and Africa. The upshot of the research? Organizations are finding that their incident response technologies, threat intelligence and security staff's skill sets are all deficient in ways that undermine efforts to respond to cyber-attacks. "Building and managing a company's cyber-defense is very hard to get right because of insufficient funding, personnel shortages, organizational silos and complexity of enabling technologies," says Larry Ponemon, founder of the Ponemon Institute. "The attacker is getting smarter, is better funded and is operating in greater stealth." Following are 10 highlights culled from the report.

This article was originally published on 2014-03-18
Tony has been writing about the intersection of technology and business for more than 20 years and currently freelances from the Grass Valley, Calif., home where he and his wife are raising their two boys. A 1988 graduate of the University of Missouri-Columbia School of Journalism and regular contributor to Baseline since 2007, Tony's somewhat infrequent Twitter posts can be found at http://twitter.com/tkontzer.
eWeek eWeek

Have the latest technology news and resources emailed to you everyday.