Only a quarter of respondents would recognize known indicators of a breach, according to the survey of 200 information security professionals conducted by LogRhythm, a Colo.-based provider of SIEM products.
Other survey findings revealed: 29% of respondents are confident they will know when a host gets compromised; 21% are confident they’ll know when a user’s credentials get compromised; 24% are confident in their ability to identify internal anomalous activity; 21% are confident in their ability to detect rogue processes; and 22% are confident in their ability to recognize abnormal behavior patterns.
At the same time, organizations that have deployed next-generation firewalls (NGFW) and security information and event management (SIEM) expressed confidence in their ability to detect cyber attacks and breaches twice as often as respondents without these technologies.
“Cyber threats are increasing in volume and sophistication… It’s becoming both increasingly necessary and urgent for organizations to deploy solutions like SIEM 2.0 to provide the visibility, insight and response required to detect the undetectable and actively address the rapidly evolving cyber threat landscape”, commented Chris Petersen, chief technology officer of LogRhythm.