Study: Most Security Pros Unsure Whether They Could Handle A Breach

Security pros not confident in their ability to quickly find the source of a breach and remediate it, study says

Most security professionals are not confident in their ability to quickly detect and find the source of a breach, and many fear they will fumble their incidence response efforts, according to a study published Wednesday.
A survey conducted by the Ponemon Institute and sponsored by security company AccessData
reports that many security pros are worried that they would not know the root cause of a breach, or that they would be able to prioritize their responses.
When a CEO and board of directors asks a security team for a briefing immediately following an incident, 65 percent of respondents believe that the briefing would be purposefully modified, filtered or watered down because of a lack of information, the study says.
Additionally, 78 percent of respondents believe most CISOs would make a best effort guess based on limited information, and they would also take action prematurely and report that the problem had been resolved without this actually being the case.
One of the things I found interesting was that so many of the respondents felt they would have to fudge their reports to the CEO, says Larry Ponemon, founder and director of the Ponemon Institute. Theyre not confident at all in their data.
Eighty-six percent of respondents say detection of a cyberattack takes too long in their organizations, according to the report. Eighty-five percent say they are unable to properly prioritize alerts and incidents as they occur. Seventy-four percent say there is poor or no integration between their security point products, which makes it hard for them to respond effectively to new incidents.
Theyre getting alerts from their SIEM [security incident and event management] tools, from FireEye [malware analysis tools], and from Palo Alto Networks [next-generation firewalls], and they have no way to figure out which alerts to prioritize and which ones they should really care about, says Craig Carpenter, chief cybersecurity strategist at AccessData.
Forty percent of respondents say none of their security products allows the import of threat intelligence data from other sources, the study says. Fifty-four percent say they are not able to or unsure of how to locate sensitive data, such as trade secrets and personally identifiable information (PII), on mobile devices.
What this data tells us is that security pros are absolutely missing things when theyre analyzing threats and doing incident response, says Carpenter. They cant get the evidence they need to identify the source of the attack.
Have a comment on this story? Please click Add a Comment below. If youd like to contact
Dark Readings
editors directly,
send us a message
.

Last News
▸ ArcSight prepares for future at user conference post HP acquisition. ◂ Discovered: 07/01/2025 Category: security	▸ Samsung Epic 4G: First To Use Media Hub ◂ Discovered: 07/01/2025 Category: security	▸ Many third-party software fails security tests ◂ Discovered: 07/01/2025 Category: security

**Cyber Security Categories**
Google Dorks Database	Exploits Vulnerability	Exploit Shellcodes

CVE List

Tools/Apps

News/Aarticles

Phishing Database

Deepfake Detection

Trends/Statistics & Live Infos

Tags:
Study: Most Security Pros Unsure Whether They Could Handle A Breach