More than 90 percent of IT professionals indicated they want to detect cybersecurity incidents that lead to breaches of their network within a day.
The “Current Trends in Enterprise IT Network Security” survey of U.S. IT executives by Lumeta also revealed that seven percent said less than one week would be an acceptable timeframe, three percent said less than one month. However, industry data shows the average duration of a breach is more than six months.
More than 60% of respondents believe they are notified of the presence of rogue assets or activity on their network within 10 minutes. Despite this view, industry breach data again tells a different story. According to the Mandiant 2015 Threat Report, only 31 percent of companies detected breaches on their own, using internal resources. Others learned they were compromised from a third party, such as a supplier, customer or law enforcement.
“As industry data refutes some of the key statements made by respondents, I fear they may be falsely confident that their security program is adequately protecting their information assets,” said Reggie Best, chief marketing officer of Lumeta.
The research further revealed that 63 percent are particularly concerned about threats emanating from mobile, virtual and cloud assets – assets intermittently present in the network. Nearly 65 percent) of IT professionals have difficulty identifying cyber threats fast enough from those transitory assets.
Nearly one-half of respondents say there are key impediments to attaining network visibility: 48 percent said the lack of comprehensive security intelligence available across the network, while 49 percent of respondents cited their inability to monitor every device on the network, particularly mobile or cloud instances.
“With these key impediments to network visibility, they don’t know what they are missing on their networks. It’s of little wonder that two-thirds of survey respondents are concerned that their companies are experiencing an undetected attack right now,” continued Best. “To combat malicious activity on their networks, organizations must incorporate capabilities to comprehensively understand all that is connected to their network, and have a real-time view of new assets as they join the network.”