
New Poll: Most Organizations Struggle With Cybersecurity

A recent IDC poll revealed the uneasy state of cybersecurity today, and the results should be of interest to security professionals from all practices.

The poll found that nearly half (47%) of surveyed organizations, in both the U.S. and Europe, are not gathering enough information about cyber-incidents to provide adequate defensive measures. This is a striking statistic – but one that is fairly common and that I often run into, as do many others in the industry.

The poll goes on to pinpoint some of the reasons for the lapse in investigative efforts. Of the surveyed firms, 81% reported not having defined run books and, amazingly, 75% do not have a managed incident response plan. Compounding the problem, another 40% reported having only a “broad incident response plan” in place.

So, it is really not too surprising that when alerts are generated, most organizations only have enough resources to take the minimum action needed to correct the initial problem and then carry on in their cyber days – this is a recipe for disaster!

Managed Security Service Options

At Proficio, we know firsthand the daunting task that most security teams face today. Even with the advent and more common use of security operations centers (SOCs), most internal security teams receive an inundation of alerts daily and don’t have the resources to properly investigate and manage everything that comes in; so many go ignored or are relegated to the trash bin with no action taken. This is another recipe for disaster and does absolutely nothing to help secure your infrastructure and data.

That is why Proficio offers fully managed Security Operations Center services to act as an extension of your security team, not as another burden. The service also enhances your team's typical alerts by investigating them further, comparing them against actionable intelligence, and sending our customers only the alerts that need their attention, along with recommendations on next steps. This is an important practice among SOCs, and it should continue to evolve and enhance your organization’s security across the board.

Automated Response Services

Proficio goes even further than most SOCs, providing our unique Managed Detection and Response service. We also provide incident response services that can greatly help your internal security team develop, maintain and integrate a thorough and active Incident Response Plan. As noted in the earlier survey, one of the major issues facing the cyber-security field is the failure of incident-response-level investigations. If a good investigation is lacking, then total recovery and remediation of the attack is impossible. This is part of why cyber-attacks continue to succeed, but you can do your part to combat this.

As attackers modify and strengthen their tools and techniques, their counterparts, your security team, should also be modifying and strengthening their defenses; yet this is impractical when the defenders are failing to conduct even a cursory investigation into reported attacks. Proficio can assist your company by helping it prepare for an incident and by offering advanced threat defense through managed security operations center services.

Learn More About Proficio Managed Security Services

Explore our website for resources on how we can help your business strengthen your security posture and speak with a security consultant when you are ready to discuss details of your cybersecurity program.

Annual Cybersecurity Survey Reveals Challenges for 2016

2015 was a tough year for data breaches. Companies of all sizes and industries fell victim to hackers, costing billions of dollars and harming the reputations of many organizations. So what is in store for 2016? Will cybercriminals continue to find new ways to get onto networks or will enterprises be prepared to prevent damaging security breaches? To get a better understanding, we surveyed IT security professionals to see what challenges and changes they expect for 2016.

When we asked respondents what their biggest concern was, insider threats took the top spot, followed by unpatched vulnerabilities and next-generation malware. Interestingly enough, these top three concerns echoed the results of our 2013 survey. There is increased concern about mobile devices (BYOD) and spear phishing, while brute force and DDoS attacks were lesser concerns.

The concern around insider threats is consistent among industry professionals, and continues to be a growing concern for IT security professionals. This is not surprising: sources suggest about 50% of targeted attacks are carried out by insiders, such as disgruntled ex-employees or consultants who inadvertently disclose privileged information. These attacks also point to a greater concern – the lax controls some companies have, e.g. shared accounts with administrative privileges or lackluster monitoring of the behavior of exiting employees.

While the fear of insider threats is keeping respondents up at night, they are not anticipated to be the most threatening attackers in 2016. This list is topped by cybercriminals, and followed by state sponsored attackers.

Respondents overwhelmingly said that the majority of security incidents happen outside of normal business hours. This demonstrates the importance of monitoring networks on a 24x7x365 basis and getting quick and timely alerts, with the ability to respond to attacks efficiently and effectively. Due to the lack of resources available at most companies, more and more security teams are looking outside their organization for help.

More companies are finding the solution to these problems through outsourcing some or all of their IT security operations. This allows them to concentrate on other issues while also being confident their networks are safe. For 2016, the trend is toward more outsourcing; on average, 15% plan to increase outsourcing versus 3% who plan to reduce it. The most popular task for outsourcing was penetration testing, followed by 24×7 security event monitoring and alerting and compliance assessments. Management of firewalls or security devices was the least common task to be outsourced.

It seems clear that 2016 is anticipated to be another active year for cybercriminals. IT security teams are working hard to make sure their networks are safe, yet if you are using, or considering, an MSSP, you are not alone. To see how Proficio can assist with your security operations, please contact info@proficio.com.