Security community faces widespread dissatisfaction from customers: RSA
The survey data, gathered from more than 160 respondents globally, was released at RSA Conference in San Francisco and was designed to allow participants to self-assess how effective their organisations are at detecting and investigating cyber threats.
RSA President Amit Yoran said the survey reinforces the company's greatest fear that organisations are not currently taking, and in many cases are not planning to take, the necessary steps to protect themselves from advanced threats.
“They are not collecting the right data, not integrating the data they collect, and focusing on old-school prevention technologies. Today’s reality dictates that they need to plug gaps in visibility, take a more consistent approach to deploying the technologies that matter most, and accelerate the shift away from preventative strategies,” he added.
The research provides details of what technologies organisations use, what data they gather to support this effort, and their satisfaction with current toolsets.
Just 8 percent of those feel they can detect threats quickly and only 11 percent said they can investigate threats very quickly.
There is a disparity between organisations that collect perimeter data (88 percent), and data from modern IT infrastructures (Cloud-based infrastructure 27 percent, Network Packet 49 percent, Identity Management 55 percent, and Endpoint 59 percent).
However, organisations who have incorporated these data sources into their detection strategies find them extremely valuable: organisations collecting network packet data ascribed 66 percent more value to that data for detecting and investigating threats than those that didn’t, and those collecting endpoint data ascribed 57 percent more value to that data than those that didn’t.