BEDFORD, Mass., April 7, 2015 /PRNewswire/ --
STORY HIGHLIGHTS
- Latest RSA Breach Readiness Survey results highlight best
practices from the Security for Business Innovation Council
(SBIC)
- RSA's survey compares SBIC results to 170 respondents in 30
countries
- Results of general population indicate 1 out of 3 surveyed do
not have a formal incident response plan
- Of the non-SBIC respondents that do have formal incident
response plans, 57% indicated that they never update or review
their plans
Today, RSA, The Security Division of EMC (NYSE: EMC), released
the results of a new global breach readiness survey that covered
thirty countries and compared those global results with a survey of
the Security for Business Innovation Council (SBIC), a group of top
security leaders from the Global 1000. Using the SBIC as a
benchmark, the results suggest that the majority of organizations
are not following incident response best practices and are not well
prepared to face the challenges of today's advanced cyber threats.
The survey report provides quantitative insights into real-world
security practices and highlights gaps in technology and procedure
as well as prescriptive advice from the SBIC for how to best close
those gaps.
The survey focused on measures within four major areas of breach
readiness and response, Incident Response, Content Intelligence,
Analytic Intelligence, and Threat Intelligence. The results suggest
that organizations continue to struggle with the adoption of
technologies and best practices that will allow them to more
effectively detect, respond to, and disrupt the cyberattacks that
turn into damaging breaches.
Incident response is a core capability that needs to be
developed and consistently honed to effectively face the increasing
volume of cyberattack activity. The survey results indicate
that while all leading edge SBIC members have developed an incident
response function, 30% of at-large organizations surveyed do not
have formal incident response plans in place. Furthermore, of
those who do have a plan, 57% admit to never updating or reviewing
them.
Content Intelligence in the survey measured awareness gained
from tools, technology and processes in place to identify and
monitor critical assets. While all SBIC members have a capability
to gather data and provide centralized alerting, 55% of the general
survey population lacks this capability rendering them blind to
many threats. Identifying false positives still proves a difficult
task. Only 50% of the general respondents have a formal plan
in place for identifying false positives while over 90% of SBIC
members have automated cyber-security technologies and a process to
update information to reduce the chances of future incidents.
Most organizations recognize that basic log collection through
SIEM systems only provides partial visibility into their
environment. In the general survey, 72% of survey participants have
access to malware or endpoint forensics, however, only 42% of
survey participants have capabilities for more sophisticated
network forensics, including packet capture and net flow
analysis.
External threat intelligence and information sharing is also a
key activity for organizations to stay up-to-date on attackers'
current tactics and motives. The survey results indicated that only
43% of the survey participants at large are leveraging an external
threat intelligence source to supplement their efforts. Finally,
attackers continue to exploit known but unaddressed vulnerabilities
in damaging breaches. Despite this common knowledge, the survey
found that only 40% of the general population had an active
vulnerability management program in place, making it more
challenging to keep their security programs ahead of attackers.
EXECUTIVE QUOTES:
Dave Martin, Chief Trust
Offer, RSA, The Security Division of EMC
"Organizations are struggling to gain visibility into
operational risk across the business. As business has become
increasingly digital, information security has become a key area of
operational risk and while many organizations may feel they have a
good handle on their security, it is still rarely tied in to a
larger operational risk strategy, which limits their visibility
into their actual risk profile."
Ben Doyle, Chief Information
Security Officer, Thales Australia and New Zealand
"People and process are more critical than the technology as it
pertains to incident response. First, a security operations
team must have clearly defined roles and responsibilities to avoid
confusion at the crucial hour. But it is just as important to
have visibility and consistent workflows during any major security
crisis to assure accountability and consistency and help
organizations improve response procedures over time."
About the Security for Business Innovation Council
The Security for Business Innovation Council is a
group of top security leaders from Global 1000 enterprises
committed to advancing information security worldwide by sharing
their diverse professional experiences and insights. The Council
produces periodic reports and digital content that explores
information security's central role in enabling business
innovation.
ADDITIONAL RESOURCES:
- Download the eBook highlighting SBIC results compared to the
community at large
- Watch video with Dave Martin
discussing insights from the Security for Business Innovation
Council
- Download RSA's Failures of the Security Industry:
Accountability and Action Plan Whitepaper
- Connect with RSA via Twitter, Facebook, YouTube, LinkedIn and
the RSA Speaking of Security Blog and Podcast
ABOUT RSA
RSA's Intelligence Driven Security solutions help organizations
reduce the risks of operating in a digital world. Through
visibility, analysis, and action, RSA solutions give customers the
ability to detect, investigate and respond to advanced threats;
confirm and manage identities; and ultimately, prevent IP theft,
fraud and cybercrime. For more information, please visit
www.rsa.com.
RSA and EMC are either registered trademarks or trademarks of
EMC Corporation in the United
States and/or other countries. All other products
and/or services referenced are trademarks of their respective
companies.
To view the original version on PR Newswire,
visit:http://www.prnewswire.com/news-releases/new-rsa-breach-readiness-survey-finds-majority-not-prepared-300061853.html
SOURCE RSA