Security company, RSA, has released the results of a new Threat Detection Effectiveness Survey showing most respondents are unhappy with current threat detection and investigation capabilities.
The survey data, gathered from more than 160 respondents globally, was released at RSA Conference in San Francisco and was designed to allow participants to self-assess how effective their organisations are at detecting and investigating cyber threats.
RSA president, Amit Yoran, said the survey reinforces our greatest fear that organisations are not currently taking, and in many cases are not planning to take, the necessary steps to protect themselves from advanced threats.
“They are not collecting the right data, not integrating the data they collect, and focusing on old-school prevention technologies. Today’s reality dictates that they need to plug gaps in visibility, take a more consistent approach to deploying the technologies that matter most, and accelerate the shift away from preventative strategies,” he added.
The research provides details of what technologies organisations use, what data they gather to support this effort, and their satisfaction with current toolsets.
Only 24 per cent of organisations surveyed indicated that they were satisfied with their ability to detect and investigate threats. Just 8 per cent of those feel they can detect threats quickly and only 11 per cent said they can investigate threats very quickly.
There is a disparity between organisations that collect perimeter data (88 per cent), and data from modern IT infrastructures (Cloud-based infrastructure 27 per cent, Network Packet 49 per cent, Identity Management 55 per cent, and Endpoint 59 per cent).
However, organisations who have incorporated these data sources into their detection strategies find them extremely valuable: organisations collecting network packet data ascribed 66% more value to that data for detecting and investigating threats than those that didn’t, and those collecting endpoint data ascribed 57% more value to that data than those that didn’t.