Incident Response to Cyberattacks Take Over Two Working Days, According to Latest Industry Survey
October 13, 2021
Response time is a critical factor causing a majority (87 percent) of industry professionals to believe that it is not possible to fully prevent ransomware and malware attacks.
NEW YORK, October 13, 2021 – Deep Instinct, the first company to build a purpose-built deep learning framework for cybersecurity, today released the second edition of its bi-annual Voice of SecOps Report. This latest survey follows its initial report from July 2021, which found that 83 percent of cybersecurity professionals were dissatisfied with current EPP and EDR solutions and feel that they deserve better.
The average global response to a cyberattack was found to be 20.9 hours—more than two “working” days. Given the lag time that security teams often face when responding to an attack, survey respondents were uncertain whether it is possible to prevent the constant waves of attacks from cybercriminals. In addition, security operations professionals cite threats from within as a persistent issue; 86 percent do not have confidence that their fellow employees will not click on malicious links, easily allowing threats into an environment and initiating an attack or breach.
Challenges Exposure to ransomware and other malware is far from fixed, but there are plenty of other key challenges that security professionals continue to face as well.
- Concerns about addressing cyberattacks:
- The lack of threat prevention specific to never-before-seen malware (44%) is a top concern.
- Hidden persistence, whereby threat actors discreetly maintain long-term access to systems despite disruptions such as restarts or changed credentials, is the most feared tactic used by attackers to launch large-scale attacks (40%).
- Lack of qualified SecOps staff (35%) causes challenges for incident response, especially amongst those working in healthcare (52%) and the public sector (55%).
- Complete endpoint security coverage remains elusive:
- Nearly all of those surveyed (99%) believe they don’t have every endpoint in their company secured by at least one agent.
- One-third (32%) of respondents claim that every endpoint has the same level of protection, with a majority of 60% claiming they are unable to consistently block threats across endpoints.
- Cloud storage and malicious file challenges:
- Files stored in the cloud are an unchecked vulnerability for 80% of respondents.
- 68% of respondents had some concern with fellow employees unwittingly uploading malicious files and compromising environments.
“Ransomware and malware attacks aren’t going away anytime soon. That’s why organizations need to better position themselves to combat potential threats with a pre-execution, prevention-first approach,” said Guy Caspi, CEO of Deep Instinct. “The survey findings shed light on the multiple challenges that security teams face on a daily basis and provides insights into the serious needs that the industry needs to address. This research exposes gaps in organizations’ security posture, including a lack of full coverage on the endpoint, exposure in cloud storage, and malicious file uploads by internal sources into production systems.”
The Cybersecurity War: A New Hope
There is optimism on the horizon amongst security professionals, especially those in the technology and financial services sectors. Respondents in the tech space were optimistic about efforts to combat cyber threats and twice as likely as those in other sectors to believe that prevention of all malware is possible.
The financial services industry is at the head of the pack when it comes to incident response time, responding to incidents nearly four hours sooner than counterparts in other business sectors. Two-thirds (66%) of total respondents believe that it will be possible to prevent all threats from infiltrating their organization’s network in the next two to five years.
Additionally, 59% of those surveyed are optimistic regarding the viability of both prevention (57%) and detection (62%). By automatically detecting and preventing threats, security teams can focus on the most pressing issues versus being inundated with constant alerts.
Deep Instinct’s report analyzed feedback from 1,500 senior cybersecurity professionals across 11 key countries that work for businesses with more than 1,000 employees and revenue north of $500M annually. Respondents were found in six core verticals: financial services, retail and eCommerce, healthcare, manufacturing, the public sector, critical infrastructure, and technology-related businesses.
To access the full Voice of SecOps Report, learn more about the key findings, and view the survey methodology, please visit here.
About Deep Instinct
Deep Instinct takes a prevention-first approach to stopping ransomware and other malware using the world’s first and only purpose-built, deep learning cybersecurity framework. We predict and prevent known, unknown, and zero-day threats in <20 milliseconds, 750X faster than the fastest ransomware can encrypt. Deep Instinct has >99% zero-day accuracy and promises a <0.1% false positive rate. The Deep Instinct Prevention Platform is an essential addition to every security stack—providing complete, multi-layered protection against threats across hybrid environments. For more, visit www.deepinstinct.com.
Merritt Group for Deep Instinct
Suzanne van de Raadt
Director, Public Relations