Time is crucial in dealing with cyber security threats
Of 430 security and risk professionals surveyed, 55 percent were dissatisfied with the length of time it takes them to contain and recover from attacks.
This is according to information security training and analysis organization SANS, which has released the results of its latest report into data center and cloud security.
According to the survey, 59 percent of organizations are able to contain attacks within 24 hours, leaving many open to prolonged and increased damage as attacks spread laterally through data centers and clouds. 37 percent take up to 8 hours to contain attacks and 17 percent report taking more than a week.
"When it comes to limiting damage and preventing data breaches, time continues to be the biggest challenge for security and risk professionals," says SANS analyst Dave Shackleford. "Most respondents said they use traditional tools to monitor traffic between datacenters and internal or external clouds, and are unhappy with the level of visibility and containment speeds they get. If our security stance is going to improve, we need better visibility, the ability to make configuration changes faster and to contain attacks more quickly".
Other findings include that 44 percent of enterprises reporting breach information have had sensitive data accessed by attackers, these same respondents were among those using traditional security tools in their data centers and clouds. Multiple attacks are common too with 28 percent of organizations having experienced up to six data breaches in the past 24 months.
The results show that 37 percent of organizations use distributed cloud and data center computing systems. But security seems to be losing ground in the move to distributed computing, 44 percent of respondents said their biggest challenge was that cloud providers don't offer the visibility needed to protect users and data. In addition 19 percent say cloud providers don’t give them the security support they need and 49 percent have no formal cloud security strategy in place. Making matters worse is the lack of effective security controls available and in use. While 75-100 percent of respondents are using traditional tools in data centers, that number drops off to less than 35 percent in the cloud.
You can find the full report on the SANS website and there's an infographic summary of the findings below.
Image Credit: razihusin / Shutterstock