How ready is your business for a cyberattack? Is yours among the 40 percent of organizations that are totally unprepared?
The State of Incident Response 2017 report from Demisto, Inc., a security automation and orchestration company, found that businesses are struggling to keep up with the issue of cyberattacks, due in part to a lack of resources. The report also showed that only 14.5 percent of companies are measuring their mean time to respond to an attack should one occur.
Security Playbooks and the Need for Skilled Staff
Organizations are challenged with an average of 350 incidents every week. Yet 30 percent of companies that responded to Demisto’s survey said they have no runbooks, playbooks, or other documentation that shows how they react to security incidents.
Roughly 90 percent of respondents said they have a tough time finding skilled staff to help them. Not all IT specialists have the skillset required to take a proactive approach to cybersecurity, which is an area that evolves and changes by the day.
The average time it takes to train someone for cybersecurity at an organization is nine months, which leaves many companies vulnerable to attack. Unfortunately, the average IT staff or incident response staff will also leave at the rate of one-third every three years, which means hiring and training is continually happening and security challenges are perpetually a concern.
The report found specific areas where organizations felt they needed to focus, yet were falling short. Automating threat hunting was at the top of the list, yet only 12 percent said they were actually doing this. More than half the respondents said automating their incident responses would provide immediate benefits, yet only 10 percent focus on this type of automation.
Among the largest challenges mentioned in the report, working with the substantial number of IT security tools and the increasing amount of incidents ranked highest. Having time to respond to alerts was also highlighted as a concern.
It is also difficult for many companies to know which alerts deserve high priority. According to the report, 40.4 percent said they felt there are more alerts than they can handle, and 47 percent said they didn’t know which alerts they need to prioritize.
At AMD Technology, we have the ability to bring enterprise-grade communication and security services to you, today. Let’s talk about your security needs and get started connecting you with leading technology.