
Network Breaches: Organizations Scared and Unprepared

Report Shows Organizations are Scared and Not Prepared for Effective Response to Security Events

Many, if not most, organizations expect to experience a significant security incident within the foreseeable future, yet most are not prepared to adequately respond if and when one does occur. That was the conclusion of a study released today by network forensics firm Solera Networks.

The 2nd Annual Network Forensics Survey, conducted by Trusted Strategies, polled more than 200 security professionals within large organizations, who were asked the likelihood of their organizations experiencing a significant network security breach and how prepared they were to detect and respond to such an incident. The results reveal that most organizations are not adequately prepared to determine the source and scope of attacks.

According to the survey, most participants (96 percent) recognize the value of real-time situational awareness and network forensics, yet only about 19% say their network security teams currently have the capability to gather enough information from an attack to prevent it again in the future.

When survey participants were asked what concerns them the most, major malware infections were of significant concern (89%). However, system or network outages were the largest fears with 93% of the respondents indicating they were moderately to extremely concerned about network downtime.

Additional concerns include theft of IP (66%), brand damage (44%), and the costs associated with complete recovery (69%). According to the recently released Kroll Annual Global Fraud Report, theft of information or assets was reported by 27.3% of companies over the past 12 months, up from 18% in 2009, showing a clear need for companies to regularly evaluate how they are controlling and monitoring access to information.

Other Key Findings from the 2nd Annual Network Forensics Survey:

• 35% of survey respondents said they have had what they consider a “significant security incident” within the last 3 years.

• 82% think it’s likely they will experience a significant security incident within the next 3 years.

• 96% feel threatened by employee web activity, and 71% fear that instant messaging poses security threats.

• 35% of organizations represented in the survey don’t have an up-to-date response plan, and 52% said they are not ready to handle a significant security incident (24% “not prepared”, 28% are only “somewhat prepared”).

• 92% expressed concern over lengthy recovery times.

When incidents do occur, it’s difficult or even impossible for most organizations to maintain effective situational awareness and fully determine what is happening. 64% of respondents said they don’t have the data or tools to efficiently determine the full scope of security incidents. 20% said it’s “impossible to determine scope.”

Network forensics can be a huge benefit when dealing with Advanced Persistent Threats (APTs), which continue to compromise networks, data and intellectual property. By having the ability to recreate an event, IT departments can see what is happening inside their networks and understand what happened, making it easier to deal with a breach or other security incident.

“Complete and irrefutable evidence of the event is essential in dealing with law enforcement, litigation, and regulatory compliance,” said Carlos Pereira, an IT Governance, Risk, and Compliance officer for The Clorox Company.

The report notes that many survey respondents did ask for better analytics and reports, and more complete integration with the many security components in their network systems. But at the end of the day, no analysis or reports can be generated without having the right data.

The methodology used for the study entailed surveying and screening over a thousand IT and security professionals from large sized organizations within the United States. Ultimately, 200 individuals were selected to participate in the survey. Most belonged to organizations with at least 1,000 network nodes and either managed or were directly involved in the maintenance of their organization’s computer networks.

Participants were from a wide range of industries, including high tech (35%), financial services (13%), and manufacturing (11%). Health care, communications, government, and other industries made up the other 41% of the survey participants.

The results of the 2nd Annual Network Forensics Survey can be found here (Direct PDF).

Written By

For more than 10 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.
