According to IDG research in a CSG Invotas white paper “Security Automation: Time to Take a Fresh Look” most organisations struggle to resolve the effects of a breach.
There’s no doubt that improving intrusion response and resolution times reduces the window of exposure from a breach,” said Jen McKean, research director at IDG Research. “More companies seek security automation tools that will enable them to resolve breaches in mere seconds and help maintain business-as-usual during the remediation period
Researchers polled decision makers of information security, strategy, and solution implementations at companies with 500 or more employees. They explored the security challenges commercial organizations face when confronted with security breaches across their networks. Key findings include:
- 46% of respondents report an average detection time of hours or days
- 54% reporting average resolution times of days or months
- On going management of electronic identities that control access to enterprise, cloud, and mobile resources take the most time to change or update during a security event
- A majority of respondents seek ways to reduce response time in order to address risk mitigation, preserve their company’s reputation, and protect customer data
- 61% of respondents admit they are looking for ways to improve response times to security events
- 82% of respondents report no decrease in the number of network security events or breaches last year whilst more than a quarter of those surveyed report an increase
- 60% of IT Security Resources dedicated to protecting the network layer
- 10% of respondents reporting they’re able to resolve issues in seconds or minutes; 54% say it takes days, weeks or months
- 28% of respondents say the number of security events or breaches increased in 2013
- 24% report that the severity of incidents increased
- 39% of respondents say they can detect a security breach within seconds or minute
Business process automation solutions offer a new approach to the most difficult step in security operations: taking immediate and coordinated action to stop security attacks from proliferating. Building digital workflows that can be synchronized across an enterprise allows a rapid counter-response to cyber-attacks. Speed, accuracy, and efficiency are accomplished by applying carrier-grade technology, replicating repetitive actions with automated workflows, and reducing the need for multiple screens.
It is no longer a surprise to hear that a breach has compromised data related to customers, employees, or partners,” said Paul Nguyen, president of global security solutions at CSG Invotas. “CIOs recognize that they need faster, smarter ways to identify security breaches across their enterprises. More importantly, they need faster, smarter ways to respond with decisive and coordinated action to help protect threats against company reputation, customer confidence, and revenue growth
A quarter of respondents say they are comfortable with the idea of automating some security workflows and processes and that they deploy automation tools where they can. 57% of respondents say they are somewhat comfortable with automation for some low-level and a few high-level processes, but they still want security teams involved. On average, respondents report that 30% of their security workflows are automated today; but nearly two-thirds of respondents expect they will automate more security workflows in the coming year.
The full survey and key findings are available here.