TMCnet News
Tripwire Study: IT Professionals Overconfident in Cyber Attack DetectionTripwire, Inc., a leading global provider of endpoint detection and response, security and compliance solutions, today announced the results of an extensive study conducted by Dimensional Research on behalf of Tripwire (News - Alert). The study evaluated the confidence of IT professionals regarding the efficacy of seven key security controls that must be in place to quickly detect a cyber attack in progress. Study respondents included 763 IT professionals from retail, energy, financial services and public sector organizations in the U.S. The majority of the respondents displayed high levels of confidence in their ability to detect a data breach even though they were unsure how long it would take automated tools to discover key indicators of compromise. For example, when asked how long it would take automated tools to detect unauthorized configuration changes to an endpoint on their organizations' networks, 67 percent only had a general idea, were unsure or did not use automated tools. However, when asked how long it would take to detect a configuration change to an endpoint on their organizations' networks, 71 percent believed it would happen within minutes or hours. Configuration changes are a hallmark of malicious covert activity. Additional study findings include:
The study is based on seven key security controls required by a wide variety of security regulations, including PCI (News - Alert) DSS, SOX, NERC CIP, MAS TRM, NIST 800-53 and IRS 1075. These controls also align with US-CERT recommendations and international guidance such as the Australian Signals Directorate's Strategies to Mitigate Targeted Cyber Intrusions. These regulations and frameworks recommend:
When implemented across the organization, these controls deliver specific, actionable information that is necessary to defend against the most pervasive and dangerous cyber attacks, including nation-state sponsored attacks. It is vital for organizations to identify indications of compromise quickly so that appropriate action can be taken before any damage is done. According to Mandiant's M-Trends 2015 report, the average time required to detect an advanced persistent threat on a corporate network is 205 days. In addition, Verizon's (News - Alert) 2015 Data Breach Investigations Report revealed that two-thirds of targeted attacks generally took months to detect. For more information on this study, please visit: http://www.tripwire.com/company/research/tripwire-2016-breach-detection-survey-overview/ About Tripwire Tripwire is a leading provider of endpoint detection and response, security, compliance and IT operations solutions for enterprises, service providers and government agencies. Tripwire solutions are based on high-fidelity asset visibility and deep endpoint intelligence combined with business context; together these solutions integrate and automate security and IT operations. Tripwire's portfolio of enterprise-class solutions includes configuration and policy management, file integrity monitoring, vulnerability management, log management, and reporting and analytics. Learn more at tripwire.com, get security news, trends and insights at tripwire.com/blog or follow us on Twitter (News - Alert) @TripwireInc. Tripwire, Inc. was acquired by Belden Inc. (NYSE:BDC) in 2015. View source version on businesswire.com: http://www.businesswire.com/news/home/20160211005266/en/ |