Security breaches on the rise

A new study reported no decrease in the number of network security events or breaches last year.

By Gregory Hale, ISSSource July 21, 2014

Despite more resources allotted to protecting networks, over 33 percent of cyber attacks take hours to detect, and on top of that, resolving a breach can take months to resolve, a new study said.

In addition, 82 percent of respondents report no decrease in the number of network security events or breaches last year and more than a quarter of those surveyed report an increase, according to the CSG Invotas and IDG Research survey.

Researchers explored the security challenges commercial organizations face when confronted with security breaches across their networks. The survey went out to decision makers of information security, strategy, and solution implementations at companies with 500 or more employees.

Important survey findings include:

  • More than one-third of breaches take hours to detect
  • Resolving breaches can take days, weeks, or months
  • Ongoing management of electronic identities that control access to enterprise, cloud, and mobile resources take the most time to change or update during a security event
  • A majority of respondents seek ways to reduce response time in order to address risk mitigation, preserve their company’s reputation, and protect customer data
  • Sixty-one percent of respondents said they are looking for ways to improve response times to security events.

Business process automation solutions offer a new approach to the most difficult step in security operations: Taking immediate and coordinated action to stop security attacks from proliferating. Building digital workflows that can synchronize across an enterprise allows a rapid counter-response to cyber attacks.

Speed, accuracy, and efficiency can occur by applying carrier-grade technology, replicating repetitive actions with automated workflows, and reducing the need for multiple screens.

"It is no longer a surprise to hear that a breach has compromised data related to customers, employees, or partners," said Paul Nguyen, president of global security solutions at CSG Invotas. "CIOs recognize that they need faster, smarter ways to identify security breaches across their enterprises. More importantly, they need faster, smarter ways to respond with decisive and coordinated action to help protect threats against company reputation, customer confidence, and revenue growth."

A quarter of respondents said they are comfortable with the idea of automating some security workflows and processes and they deploy automation tools where they can. Fifty-seven percent of respondents said they are somewhat comfortable with automation for some low-level and a few high-level processes, but they still want security teams involved.

When it comes to automation, on average, 30 percent of respondents said their security workflows have gone through the automation process, but nearly two-thirds of respondents expect they will automate more security workflows in the coming year.

Gregory Hale is the editor and founder of Industrial Safety and Security Source (ISSSource.com), a news and information website covering safety and security issues in the manufacturing automation sector. This content originally appeared on the ISSSource website. Edited by Brittany Merchut, Project Manager, CFE Media, bmerchut@cfemedia.com