Eskenzi PR ad banner Eskenzi PR ad banner
  • About Us
Monday, 27 March, 2023
IT Security Guru
Eskenzi PR banner
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

Compromised Credentials a Top Concern for 90 Percent of Security Professionals

by The Gurus
January 14, 2016
in Editor's News
Share on FacebookShare on Twitter

Rapid7, Inc. (NASDAQ: RPD), a leading provider of security data and analytics solutions, today released the results of its 2015 Incident Detection and Response Survey. The survey includes findings from hundreds of security professionals at organizations of varied sizes across the globe on their biggest security concerns and planned initiatives for 2016. Punctuating the results were two key points: (1) 90% of organizations are worried about compromised credentials, though 60% say they cannot catch these types of attacks today; and (2) 62% of organizations are receiving more alerts than they can feasibly investigate.
These key findings are strongly underscored by the fact that compromised credentials have been the leading attack vector for the last five years according to the Verizon 2015 Data Breach and Investigations Report. Additionally, intruders generally remain undetected for an average of 197 days within retail organizations and 98 days within financial services organizations once they’ve breached a network.
“Security professionals are struggling to detect and investigate incidents because the monitoring solutions available do not provide visibility into today’s modern IT environments and cannot give users the insight they need to make decisions quickly,” said Lee Weiner, senior vice president of products and engineering at Rapid7. “This lack of understanding – or context – is causing massive alert fatigue and leaving companies unable to effectively detect the most used attack method today: compromised credentials.”
Information security teams are expected to mitigate risk in sprawling environments, where employees are remotely accessing the network, at any time, from any place. The network perimeter has now expanded to include cloud services, mobile devices, and global workforces that encompass partners and contractors, making prevention as the sole security strategy effectively obsolete. Preventative solutions alone cannot protect against many of the most common attack vectors behind breaches, such as phishing and stolen credentials.
In an effort to better monitor their IT environments, security teams are investing further in incident detection and response solutions to detect and contain compromise when it occurs. However, while 55% of organizations say they are using a SIEM (Security Information and Event Management) to aid with incident detection and response, alarmingly, 62% of these organizations report receiving more alerts than they can handle. In addition, SIEMs are not being used to monitor cloud services in use, leaving organizations blind to this important part of modern IT environments.
Additional highlights from the survey include:

  • 45% of respondents plan to increase spending on incident response programs and solutions
  • Only 1/3 of organizations report visibility into cloud services, while 79% of respondents reported allowing the use of at least one cloud service within their organization
  • The top three challenges facing security teams today are: (1) no visibility into user risk; (2) more alerts than the security team can handle; and (3) investigations that take too long

To view the full report from Rapid7 or register for our webcast, visit: http://www.rapid7.com/resources/incident-detection-response-survey.jsp

FacebookTweetLinkedIn
ShareTweetShare
Previous Post

AppRiver Warns of Malicious Macro Phishing Campaign Impersonating UK Winery

Next Post

One Ring to pwn them all: IoT doorbell can reveal your Wi-Fi key

Recent News

Synopsys discover new vulnerability in Pluck Content Management System

Synopsys discover new vulnerability in Pluck Content Management System

March 24, 2023
Dole Food Company

Dole confirms employee data was breached following February ransomware attack

March 24, 2023
call centre

MyCena Improves Customer Data Access Protection in Call Centers and BPOs

March 23, 2023
Blue logo, capitalised letters. SPECOPS.

Fortune 500 Company Names Found in Compromised Password Data

March 23, 2023

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

Privacy settings

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Powered by Cookie Information