By Don Reisinger | Posted 2016-12-12
Tripwire Survey Finds IT Pros Lack Tools, Skills, to Defend Networks
A Tripwire survey finds that just 25 percent of IT professionals believe their organizations have the security technology and skills to detect network breaches.
A Minority of Companies Have Means to Detect, Respond to Breaches
However, just 25 percent of IT professionals say they have the ability to detect and respond to threats. Another 5 percent of respondents said they couldn’t answer the question because “technology is changing so quickly.”
Many Companies Have Only Some Technology
A larger number of companies—32 percent—say they have the required technology to detect breaches, but don’t have the means to properly respond to alerts about suspicious behavior on there their networks. Surprisingly, 9 percent of companies say they have no technology that would allow them to detect a possible data breach on their networks.
Most Respondents Aren’t Prepared to Respond to a Breach
Detecting a data breach is only one side of the equation; being able to respond to them is the other. And on that front, just 25 percent of companies say they can respond to a data breach. All the others—75 percent—say they cannot respond to a serious data breach in any way.
Most Companies Don’t Have Integrated Security Tools
Enterprise security tools need to be integrated so they can exchange data during a breach. However, just 3 percent of companies say all their security tools are integrated and can exchange information. Another 20 percent of respondents say more than half of their tools have that capability.
Some Companies Can’t Exchange Data
A sobering fact from the Tripwire survey: 10 percent of companies say they have no ability whatsoever to integrate security tools and exchange data between those tools to respond to data breaches. Another 19 percent of companies say less than 10 percent of their tools have that capability.
Many Companies Can’t Property Interpret Alert Data
Security teams need to be able to correlate data and security alerts from security tools to respond to possible threats. However, only 60 percent of companies engage in that behavior, with 40 percent of companies having limited to no ability to correlate data and security alerts.
Real-Time Responses Are Essential
Responding in real time can mean the difference between shutting down a data breach when it happens and allowing hackers to run amok on a network. However, just 21 percent of companies say they can correlate data and security alerts in real time to respond to threats.
It Takes too Long to Get Security Alert Details
Other companies aren’t as lucky to get actionable information in real time, according to Tripwire. Instead, the security firm says that 39 percent of companies are able to get the correlated data and security alerts, but it can take them days or weeks to get that information—long after hackers are gone.
A Small Number Outsource Security Breach Response
According to Tripwire, 3 percent of IT professionals say they outsource their security response efforts to experts whenever they experience a breach. Apparently they believe they don’t have the requisite knowledge internally to address possible breaches.
More than Half Say They Face a Skill Shortage
In a statement, Tripwire said that 65 percent of IT professionals believe there’s a skills shortage that prevents them from delivering an appropriate incident response. If they had the right people with the right skills, companies say, they might be able to respond more effectively to threats.
Hackers are having a field day in the enterprise. By attacking poorly secured networks, unsuspecting employees and unpatched servers, hackers are finding multiple points of entry into corporate networks running amok. But a new study from security firm Tripwire and conducted by Dimensional Research suggests the problem isn’t going to get better anytime soon. According to the report, only a quarter of companies have the ability to detect and effectively respond to data breaches. Furthermore, in a large number of cases, they don’t have the necessary technology that would allow their network components to send out alerts about suspicious behavior that might signal a possible data breach. Perhaps worst of all, many companies report that a skills gap limits their ability to adequately protect their networks. This slide show will delve deeper into the Tripwire study, which includes responses from 500 IT professionals, to shed light on just how worrisome corporate network security has become.
Don Reisinger is a freelance technology columnist. He started writing about technology for Ziff-Davis’ Gearlog.com. Since then, he has written extremely popular columns for CNET.com, Computerworld, InformationWeek, and others. He has appeared numerous times on national television to share his expertise with viewers. You can follow his every move at http://twitter.com/donreisinger.