Following are the most salient findings that came out of the enterprises represented in the research. According to respondents:
- They spent an average of $10 million in the past 12 months to resolve the impact of exploits.
- If they had actionable intelligence about cyber attacks within 60 seconds of a compromise, they could reduce this cost on average by $4 million (40 percent).
- Those that have been able to stop cyber attacks say they need actionable intelligence 4.6 minutes in advance to stop them from turning into compromises.
- 60 percent were unable to stop exploits because of outdated or insufficient threat intelligence.
- Those not successful in detecting attacks believe 12 minutes of advanced warning is sufficient to stop them from developing into compromises.
- 57 percent believe threat intelligence currently available to most companies is often too stale to enable them to grasp and understand the strategies, motivations, tactics and location of attackers.
- Only 10 percent know with absolute certainty that a material exploit or breach to networks or enterprise systems occurred.
Also in the report were a number of other findings about the state of cyber security within the participating enterprises:
- 72 percent believe that in order to defend against an attack, it is important to essential to know the geo-location of attack sources.
- 69 percent believe that future attacks are most likely to come from China, but 71 percent said they were seeing most of their current attacks originating in the U.S.
- 57 percent of say Advanced Persistent Threats (APTs) are their greatest concern; 54 percent say they are most concerned about root kits; 45 percent say SQL and code injection is their biggest worry.
- 35 percent rely on IT security teams' "gut feel" to determine whether or not an attack will occur.
- 34 percent believe that criminal syndicates pose the biggest threat to their enterprise; 19 percent said state-sponsored attackers were the greatest threat.
- 9 percent cannot determine whether or not they are compromised.
- A wide range of technologies is used to gather threat intelligence, ranging from SIEM to IDS to IAM to Big Data analytics and firewalls. On a one-to-10 scale of effectiveness, only 22 percent rate these technologies between a seven and a 10, and 78 percent rate them between a one and a six.