Key Takeways From Recent SolarWinds & SANS Cybersecurity Survey
Last week, SolarWinds, working alongside the SANS Institute, released the results of an information security survey involving more than 120 government IT professionals. It was conducted to identify the impact of cybersecurity threats and the use of security analytics and intelligence to resolve those threats.
We’ve reviewed their report and have identified five interesting takeaways.
1. 41% of people who knew their budget said they spent less than 5% of it on information security management, compliance, and response.
2. 65% of people who reported how long their networks were impacted before an attack was detected said at least one attack lasted longer than a month.
3. The three greatest impediments to discovering and following up on attacks were:
- Not collecting the appropriate operational and security-related data to make associations with.
- Lack of system awareness and vulnerability awareness.
- Lack of relevant event context to observe “normal” behavior.
4. Of the ten analytics and intelligence capabilities listed in the survey, eight of them had more votes of “not satisfied” than “satisfied” and “very satisfied” combined, including visibility into actionable security events across disparate systems and users and training/intelligence/expertise.
5. The top two areas identified for future investments were:
- Personnel/training to detect patterns (analytics) and manage systems.
- Security information management tools/SIEM systems with build-in intelligence/whitelisting/reputation/ analytics capabilities.
What becomes apparent in these takeaways, and throughout the report, is that the cybersecurity tools currently used by agencies are not doing enough. Attacks are still successful, they’re still running undetected, and agencies need more experts to not only manage the tools, but to provide context to data security.
To that last point, SolarWinds believes that protecting data isn’t just the responsibility of cybersecurity professionals: "Since the responsibility of securing IT is not just the role of a security expert anymore, it's important for all IT pros to be equipped to tackle security challenges," said Sanjay Castelino, VP and Market Leader at SolarWinds, when we reached out for comment.
If you’re interested in learning more, SolarWinds has created a SlideShare presentation of the report - Security Analytics and Intelligence. And please feel free to share the results you found interesting in the comments!