TMCnet News
Slow but Steady Improvement in Security Analytics Usage: Results of the SANS 2015 Analytics and Intelligence SurveyBETHESDA, Md., Oct. 29, 2015 /PRNewswire-USNewswire/ -- Organizations are making slow but steady progress toward gathering more data, using threat intelligence sources and implementing analytics platforms, according to results of a new survey to be released by SANS Institute on November 11, 2015. Organizations are also more realistic about their levels of automation and their lack of visibility into breaches. "It's apparent that security analytics is providing real value in security organizations today," says Dave Shackleford, SANS Analyst and author of the survey report. "Overall, detection and response times are improving, and many teams feel like they are building more effective security event management and intelligence programs with analytics capabilities." In 2014, for those organizations that experienced breaches, 50% indicated the average time to detection for an impacted system was one week or less. This year, 67% were able to make that target. Although 83% also believe that they have improved visibility into events and breaches, 26% still can't identify what "normal" behavior looks like, but this has improved by 10% of respondents from 2014. Respondents point not only to a lack of automation and integration, but also to a lack of analytics skills as big impediments holding them back from realizing the full potential of their analytics and intelligence programs. Shackleford adds, "The biggest challenge security teams face when implementing security analytics tools continues to be finding the skill sets and personnel to implement, manage and tune these systems." In the survey, 59% of respondents said that lack of skills and dedicated resources were key impediments to discovering and following up on incidents and breaches. Lack of centralized reporting and remediation controls represented the second toughest impediment, selected by 35% of respondents. Full results will be shared during a two-part webcast series on Wednesday and Thursday, November 11 and 12, 2015, at 1 PM EDT. The first webcast, on Wednesday, November 11, will focus on the current level of maturity organization have in their analytics sstems and how much their capabilities have grown since 2014. The second webcast, on Thursday, November 12, will discuss how analytics needs to mature and what improvements survey respondents plan to make in the future. The webcast series is sponsored by AlienVault, DomainTools, LogRhythm, LookingGlass Cyber Solutions, SAS, and ThreatStream, and hosted by SANS. Register to attend both webcasts at: www.sans.org/u/9Br and www.sans.org/u/9Bw Those who register for the webcast will also receive access to the published results paper developed by SANS Analyst and analytics and intelligence expert, Dave Shackleford. Tweet This Survey Results: So much #SecurityAnalytics & Intel Info, we need 2 Parts: 11/11, www.sans.org/u/9At, 11/12, www.sans.org/u/9Ay NOV 11: #SecurityAnalytics Maturation Curve: SANS Security Analytics & Intel Survey Results PT 1, www.sans.org/u/9At #infosec NOV 12: Moving up the #Analytics Maturation Curve: SANS Security Analytics & Intel Survey Results PT 2, www.sans.org/u/9Ay #infosec About SANS Institute
To view the original version on PR Newswire, visit:http://www.prnewswire.com/news-releases/slow-but-steady-improvement-in-security-analytics-usage-results-of-the-sans-2015-analytics-and-intelligence-survey-300168829.html SOURCE SANS Institute |