UPDATED 00:40 EST / JANUARY 15 2016

NEWS

New Rapid7 survey finds enterprise security overwhelmed in challenging threat environment

Security firm Rapid7, LLC has released the results of its 2015 Incident Detection and Response Survey that found that organizations have become overwhelmed as the security threat environment continues to provide increased challenges.

The company surveyed hundreds of security professionals at organizations of varied sizes across the globe on their biggest security concerns and planned initiatives for 2016 and found that some 90 percent of organizations are worried about compromised credentials, with 60 percent saying they cannot catch these types of attacks today.

Sixty-two percent of organizations said that they are receiving more alerts than they can feasibly investigate, but only 45 percent of respondents said that they plan to increase spending on incident response programs and solutions in the coming year.

Some one-third of respondent organizations currently report visibility into cloud services, while 79 percent said that they allow the use of at least one cloud service within their organization.

In terms of challenges ahead in 2016, the top results were companies identifying that they have no visibility into user risk, they are currently receiving more alerts than their security teams can handle, and that when they did receive alerts, but investigations take too long to resolve.

“Security professionals are struggling to detect and investigate incidents because the monitoring solutions available do not provide visibility into today’s modern IT environments and cannot give users the insight they need to make decisions quickly,” Rapid7 Senior Vice President of Products and Engineering Lee Weiner said in a statement sent to SiliconANGLE. “This lack of understanding – or context – is causing massive alert fatigue and leaving companies unable to effectively detect the most used attack method today: compromised credentials.”

The survey report notes that while information security teams are expected to mitigate risk in sprawling environments, matters are complicated by the network perimeter expanding to include cloud services, mobile devices and global workforces that encompass partners and contractors, making prevention as the sole security strategy effectively obsolete.

“Preventative solutions alone cannot protect against many of the most common attack vectors behind breaches, such as phishing and stolen credentials,” the report noted.

Security teams are advised to invest further in incident detection and response solutions to detect and contain compromise when it occurs, but Rapid7 reported that while 55 percent of organizations say they are using a SIEM (Security Information and Event Management), the fact that many are unable to cope with the amount of reports they receive is disturbing. In addition, often SIEMs are not being used to monitor cloud services, consequently leaving organizations blind to this important part of modern enterprise IT environments.

A full copy of the report is available from Rapid7 here.

Image credit: cogdog/Flickr/CC by 2.0

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU