The majority (59%) of companies may want to implement better cybersecurity tools to protect their network assets and data, but are faced with a dearth of qualified personnel who can adequately select, design and implement an automated solution. And the result is a legion of organizations that have gaping security holes to contend with.
DomainTools’ 2015 Analytics and Intelligence Survey, conducted by the SANS Institute, has revealed that the demand for cybersecurity tools and resources has doubled since 2014, but a lack of skills and dedicated resources are the main obstacles to implementing them, meaning that discovering and acting on cybersecurity incidents and breaches is a difficult task, at best.
A full 35% of organizations cite a lack of centralized reporting and remediation controls as a barrier to identifying cybersecurity incidents. And worse, a quarter (26%) still can’t understand and baseline “normal” cybersecurity behavior, making it difficult for them to identify and block abnormal behaviors.
The results dovetail with an industry-wide disconnect, with 43% of enterprises fully understanding the importance of cyber threat solutions yet still relying on manual processes to protect their organization. For now, only 9% of enterprises’ analytics and intelligence processes used for uncovering a breach are automated.
In fact, only 3% of organizations feel that their analytics and intelligence processes for pattern recognition are fully automated. Only 6% report having a “highly automated” intelligence and analytics environment.
“Security professionals are under constant pressure to identify and mitigate breaches as soon as they occur, making threat intelligence and analytics-driven solutions critical in any security team’s arsenal,” said Tim Chen, CEO of DomainTools. “According to these SANS survey findings, under-investment in skilled security personnel remains a significant barrier for implementing more powerful solutions.”
On the bright side, while cybersecurity attacks have increased 66% since 2009, the research revealed the time to remediation is improving. In 2015, 67% of organizations were able to unearth an attack in one week or less versus only 50% in 2014. With detection and response times improving, the majority (83%) of organizations believe visibility into cyber-incidents has improved with more effective intelligence programs that leverage analytics capabilities. In fact, almost half of organizations are diligently working to increase visibility by integrating data from external threat providers, and another 31% are planning to do so in the future.