Story image

Not quick enough: Most firms can't detect or contain a breach within one hour

28 Mar 2018
Twitter
Facebook

Organisations around the globe still face a tough fight against the cyber threat battle, with new research from LogRhythm showing that fewer than half of all organisations are able to detect a ‘major’ cybersecurity incident within one hour.

751 IT decision makers from Asia Pacific, the UK, and the US admitted that they are ‘moderately’ confident in their ability to protect their organisations against hackers.

LogRhythm says this is more of a ‘hopeful’ attitude rather than a truly confident one.

39% of respondents in Asia Pacific also admitted their company has experienced a breach in the past year.

Despite hiring an average of 12 cybersecurity professionals in their organisation, less than a third of respondents said that if they did detect a major cyber incident, they would not be able to contain it within an hour.

Asia Pacific respondents allocate more of their budget to security than their UK and US counterparts. Overall, 57% say they are moderately comfortable with their security funding and a quarter say they are not comfortable.

LogRhythm’s senior regional director for Asia Pacific and Japan, Joanne Wong, says threats continue to grow – and organisations need to focus their planning.

“To combat these threats, organisations need to carefully plan their budgets and strategies, while developing effective programs that tackle specific threats and keep them one step ahead of cyber attackers.”

Respondents say that their security maturity is supported by threat detection programs. 95% use security software to prevent and respond to threats.

70% say they use these programs to detect specific threats such as ransomware. This tactic also influences respondents’ cybersecurity confidence.

Respondents who don’t have programs to protect against threats such as ransomware, insider threats, and service denial attacks are less confident in their security programs.

The same segment reported slower rates of detection, response, and containment.

Respondents aren’t necessarily reliant on one solution to do the job - 10% use at least 10 security software solutions.

Despite numerous threat detection products, around half of all respondents believe a hacker can still breach their organisation.

When asked what would be beneficial to incident detection and response, almost 80% say a platform for security management, analysis, and response but only a third rate a platform as ‘very beneficial’.

“This response may reinforce the notion that true security confidence cannot be created with technology alone,” LogRhythm says.

Respondents were not optimistic about their organisation’s capability to operate from a threat lifecycle management perspective. One third of respondents say they need help at all stages, especially detecting, investigating, neutralising, and recovering from cyber threats.

Story image
05 Nov
Adobe, New York Times and Twitter announce content authenticity initiative
Adobe is developing an opt-in system that will allow creators and publishers to securely attach attribution data to content they choose to share. More
Download image
Ten keys to unlocking cybersecurity automation
Modern cybercriminals are well organized, well-funded, and profit driven. To effectively combat these cybercriminals, enterprise security teams must become crimefighters. More
Story image
29 Oct
Securing the unknown with visibility and control
What’s getting in the way of an organisation’s security health and what needs to happen to secure those vulnerabilities? What assets does an organisation own? How does an organisation gain visibility? Where do the assets live? Who has access to those assets?More
Story image
04 Nov
How to protect Industrial IoT from ransomware
Ransomware outbreaks in 2017 hit production networks worldwide, resulting in shutdowns, massive clean-up efforts and millions of dollars in damages, Claroty finds. More
Download image
Whitepaper: Businesses attracted to hybrid cloud, but conscious of risks
Discussion participants cited ageing applications, the risk of moving inappropriate workloads to the cloud and the complexity of multi-cloud, hybrid cloud architectures as key issues to address.More
Story image
Yesterday
Why zero trust is the best security strategy for mobile computing - Zscaler
Zero trust network access is helping organisations address the protection problem posed by mobile computing and cloud-based applications.More