Despite increased resource allocation designed to protect networks, a CSG Invotas and IDG Research survey finds that 82 percent of respondents report no decrease in the number of network security events or breaches last year—and more than a quarter of those surveyed report an increase.
Researchers polled decision makers of information security, strategy, and solution implementations at companies with 500 or more employees. They explored the security challenges commercial organizations face when confronted with security breaches across their networks. Key findings include:
- More than one-third of breaches take hours to detect
- Resolving breaches can take days, weeks, or months
- Ongoing management of electronic identities that control access to enterprise, cloud, and mobile resources take the most time to change or update during a security event
- A majority of respondents seek ways to reduce response time in order to address risk mitigation, preserve their company’s reputation, and protect customer data
- Sixty-one percent of respondents admit they are looking for ways to improve response times to security events.
Speed, accuracy, and efficiency are accomplished by applying carrier-grade technology, replicating repetitive actions with automated workflows, and reducing the need for multiple screens.
“It is no longer a surprise to hear that a breach has compromised data related to customers, employees, or partners,” said Paul Nguyen, president of global security solutions at CSG Invotas. “CIOs recognize that they need faster, smarter ways to identify security breaches across their enterprises. More importantly, they need faster, smarter ways to respond with decisive and coordinated action to help protect threats against company reputation, customer confidence, and revenue growth.”
A quarter of respondents say they are comfortable with the idea of automating some security workflows and processes and that they deploy automation tools where they can. Fifty-seven percent of respondents say they are somewhat comfortable with automation for some low-level and a few high-level processes, but they still want security teams involved.
On average, respondents report that 30 percent of their security workflows are automated today; but nearly two-thirds of respondents expect they will automate more security workflows in the coming year.