TMCnet News
Security analytics proves challenging but effective, finds survey by SAS and PonemonCARY, N.C., March 6, 2017 /PRNewswire/ -- Security analytics solutions are delivering deeper visibility into organizations' security data than ever before. But deployment and day-to-day usage remain challenging, according to a new Ponemon Institute survey, When Seconds Count: How Security Analytics Improves Cybersecurity Defenses, sponsored by analytics leader SAS. "There has been much said about the promise of security analytics to improve security operations," said Larry Ponemon, Chairman and founder of Ponemon Institute. "This is one of the first studies to deeply examine actual use of these solutions and identify where organizations are succeeding and struggling." Most responding IT and IT security practitioners believe security analytics solutions have greatly improved their organizations' overall security posture. They said the solutions make it easier to reduce false positives and to spot and stop anomalous traffic. However, these improvements come with challenges, starting with implementation. More than half of respondents (56 percent) characterized their initial deployments as "difficult" or "very difficult." Among them, 65 percent cited the configuration and/or tuning required to make the system usable. "Nearly all solutions require initial configuration and tuning for optimal performance," said Stu Bradley, Vice President of Cybersecurity Solutions at SAS. "Organizations can avoid many pitfalls by clearly defining workflows and project goals before starting an implementation." Success hinges on data Even beyond deployment, a significant majority (65 percent) pointed to data challenges, top among them data quality (cited by 66 percent of the respondents), data integration (65 percent) and data volume (55 percent).
Detecting the 'right' threats "When you look at these security objectives, they're all very different – and they each bring fundamentally different data into play," said Bradley. "That speaks to the breadth and depth of analytic sophistication needed for an organization to develop all the right capabilities. Success requires a confluence of different analytic disciplines and also a carefully plotted road map for maturing analytic capabilities. With such a road map, organizations can make the most of their limited security resources." The future of security analytics "With security analytics still in its infancy, this survey is a critical benchmark," said Ponemon. "It shows we've come a long way in a short period, but the industry hasn't yet mastered the complexity. With this user pulse reading, though, the industry's call to action becomes clear." "Security analytics clearly isn't as effective as security practitioners need it to be," echoed Bradley. "Addressing these challenges calls for a 'lifecycle' approach – one that doesn't just focus on data and algorithms. What we need is a consistent, governed process for deploying analytics. And the analytics must be consumable across a broad range of resources. It's a difficult challenge. But building analytic sophistication ultimately pays off in improving organizations' ability to discover, detect, investigate and respond to security events in a reliable, repeatable way." About the survey Notably, most respondents indicated that their organizations adopted security analytics reactively – a stunning 68 percent in response to a cyberattack or successful intrusion. About SAS SAS and all other SAS Institute Inc. product or service names are registered trademarks or trademarks of SAS Institute Inc. in the USA and other countries. ® indicates USA registration. Other brand and product names are trademarks of their respective companies. Copyright © 2017 SAS Institute Inc. All rights reserved. To view the original version on PR Newswire, visit:http://www.prnewswire.com/news-releases/security-analytics-proves-challenging-but-effective-finds-survey-by-sas-and-ponemon-300418378.html SOURCE SAS |