The State of Incident Response - INFOGRAPHIC

Incident Response (IR) teams are designed to detect, investigate and, when necessary, perform remediation in the event of a critical incident. The results of the 2015 SANS Incident Response Survey provide a picture of what IR teams are up against today—the types of attacks they see, what defenses they have in place to detect and respond to these threats, and their perceived effectiveness and obstacles to incident handling.

Some key challenges reported by respondents to the survey were:

  • 66% cited a skills shortage as an impediment to effective IR
  • 54% cited budgetary shortages for tools and technology
  • 45% noted lack of visibility into system or domain events
  • 41% noted a lack of procedural reviews and practice
  • 37% have trouble distinguishing malicious events from nonevents

Do these challenges sound familiar? Download the full survey to learn more about how other organizations are approaching incident response, along with best practices and advice. Visit http://ow.ly/R3Cr0

Published in: Technology

  1. The State of Incident Response

Incident Response (IR) teams are designed to detect, investigate and, when necessary, perform remediation in the event of a critical incident. This infographic highlights the results of the 2015 SANS Incident Response survey, providing a picture of what IR teams are up against today.

To download the full survey report, visit: AlienVault.com/IncidentResponseSurvey

  • Malware [62%]
  • Distributed Denial of Services (DDoS) [43%]
  • Unauthorized access [42.5%]
  • Data breach [38.5%]
  • Advanced Persistent Threat (APT) or Multi-stage Attack [33%]

  • Employee Information [41%]
  • Individual consumer customer info [36%]
  • Intellectual property (source code, manufacturing plans, etc) [3fl%]
  • Proprietary customer information [21%]
  • Legal data [14.5%]

  • Staffing and skills shortages [66%]
  • Budgetary shortages for tools and technology [54%]
  • Lack of visibility into events across systems [45%]
  • Lack of procedural reviews and practice [41%]
  • Inability to distinguish between malicious events and non-events [37%]

"In many instances though, budget is provided for the acquisition and installation of a security tool, but very little training on its operation and maintenance or time to baseline normal operation and tune out false positives is ensured." - SANS 2015 Incident Response Survey

  • Better security analytics and event correlation
  • Additional training/certification of staff
  • Improved visibility into threats & vulnerabilities
  • More automated reporting and analysis integration

AlienVault