Welcome!

News Feed Item

SANS Institute Releases Results of Survey, Incident Response: How to Fight Back

Incident Response Capabilities Ineffective; Lack of Time and Budget Primary Barriers; Formalized Plans Needed; Recommendations

BETHESDA, Md., Aug. 12, 2014 /PRNewswire-USNewswire/ -- A spate of high-profile security breaches and attacks means that security practitioners find themselves thinking a lot about incident response. A new SANS incident response survey, sponsored by AccessData, AlienVault, Arbor Networks, Bit9 + Carbon Black, HP and McAfee/Intel Security, looks at how practitioners are dealing with these numerous incidents.

"Many small organizations think they are a less significant target to sophisticated attackers and are, therefore, safe from intrusion," says SANS Analyst and author Alissa Torres. "As last week's discovery of the loss of 1.2 billion usernames and passwords from 420,000 websites demonstrated, nothing could be farther from the truth."

In fact, organizations of all sizes are facing incidents that require incident response capabilities. And unfortunately, only 9% of survey respondents labeled their incident response capabilities as very effective, and 26% were dissatisfied, citing lack or time to review and practice procedures (62%) and lack of budget (60%) as key impediments to effective response.

Jake Williams, SANS Analyst and incident response professional, adds, "Overall, organizations are not ready to handle their incident response requirements. Having a plan in place to address incidents, including delineation of what constitutes an incident, enables organizations to address issues when they do arise." Still, 43% of respondents did not have formalized incident response plans and 55% didn't have formal incident response teams. Williams continues, "Both of these situations lead to disjointed approaches to managing and remediating incidents, resulting in delayed responses and more costly mitigation."

Survey results point to automation and security information and event management integration tools as key means to improving incident response processes. Other recommendations provide insights into how to grow incident response capabilities.

Full results will be shared during a two-part webcast, which will also provide insight into incident response plans, attack histories, where organizations should focus their response efforts, and how to put all of the pieces together.

Part 1—Incident Response Techniques and Processes: Where We Are in the Six-Step Process, Thursday, August 14, 2014, at 1:00 PM EDT, will focus on survey results and where we are as an industry in terms of the incident response process. Register to attend the complimentary webcast at www.sans.org/info/165522

Part 2—Growing and Maturing an IR Capability, Friday, August 15, 2014, at 1:00 PM EDT, will focus on survey results about capability for incident response and how to grow those capabilities. Register to attend this complimentary webcast at www.sans.org/info/165527

Those who register for either webcast will also receive access to the published results paper developed by SANS analyst and incident response expert, Alissa Torres.

#IncidentResponse: what works? What doesn't? 2 webcasts: AUG 14 http://bit.ly/IRSurv-Results; AUG 15 http://bit.ly/IRSurv-Results2

SANS IR Survey Results 8/14 http://bit.ly/IRSurv-Results AND 8/15 http://bit.ly/IRSurv-Results2.

Update your #IncidentResponse know-how. 2 survey results webcasts: 8/14 http://bit.ly/IRSurv-Results; 8/15 http://bit.ly/IRSurv-Results2

About SANS Institute
The SANS Institute was established in 1989 as a cooperative research and education organization. SANS is the most trusted, and by far the largest source for world-class information security training and security certification in the world offering over 50 training courses. GIAC, an affiliate of the SANS Institute, is a certification body featuring over 27 hands-on, technical certifications in information security. SANS offers a myriad of free resources to the InfoSec community including consensus projects, research reports, and newsletters; and it operates the Internet's early warning system - the Internet Storm Center. At the heart of SANS are the many security practitioners in varied global organizations from corporations to universities working together to help the entire information security community. (www.SANS.org)

SOURCE SANS Institute

More Stories By PR Newswire

Copyright © 2007 PR Newswire. All rights reserved. Republication or redistribution of PRNewswire content is expressly prohibited without the prior written consent of PRNewswire. PRNewswire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

Latest Stories
With over 720 million Internet users and 40–50% CAGR, the Chinese Cloud Computing market has been booming. When talking about cloud computing, what are the Chinese users of cloud thinking about? What is the most powerful force that can push them to make the buying decision? How to tap into them? In his session at 18th Cloud Expo, Yu Hao, CEO and co-founder of SpeedyCloud, answered these questions and discussed the results of SpeedyCloud’s survey.
Today we can collect lots and lots of performance data. We build beautiful dashboards and even have fancy query languages to access and transform the data. Still performance data is a secret language only a couple of people understand. The more business becomes digital the more stakeholders are interested in this data including how it relates to business. Some of these people have never used a monitoring tool before. They have a question on their mind like “How is my application doing” but no id...
Smart Cities are here to stay, but for their promise to be delivered, the data they produce must not be put in new siloes. In his session at @ThingsExpo, Mathias Herberts, Co-founder and CTO of Cityzen Data, will deep dive into best practices that will ensure a successful smart city journey.
Why do your mobile transformations need to happen today? Mobile is the strategy that enterprise transformation centers on to drive customer engagement. In his general session at @ThingsExpo, Roger Woods, Director, Mobile Product & Strategy – Adobe Marketing Cloud, covered key IoT and mobile trends that are forcing mobile transformation, key components of a solid mobile strategy and explored how brands are effectively driving mobile change throughout the enterprise.
DevOps at Cloud Expo, taking place Nov 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with 19th Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The widespread success of cloud computing is driving the DevOps revolution in enterprise IT. Now as never before, development teams must communicate and collaborate in a dynamic, 24/7/365 environment. There is no time to wait for long dev...
Identity is in everything and customers are looking to their providers to ensure the security of their identities, transactions and data. With the increased reliance on cloud-based services, service providers must build security and trust into their offerings, adding value to customers and improving the user experience. Making identity, security and privacy easy for customers provides a unique advantage over the competition.
Qosmos has announced new milestones in the detection of encrypted traffic and in protocol signature coverage. Qosmos latest software can accurately classify traffic encrypted with SSL/TLS (e.g., Google, Facebook, WhatsApp), P2P traffic (e.g., BitTorrent, MuTorrent, Vuze), and Skype, while preserving the privacy of communication content. These new classification techniques mean that traffic optimization, policy enforcement, and user experience are largely unaffected by encryption. In respect wit...
SYS-CON Events announced today that StarNet Communications will exhibit at the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. StarNet Communications’ FastX is the industry first cloud-based remote X Windows emulator. Using standard Web browsers (FireFox, Chrome, Safari, etc.) users from around the world gain highly secure access to applications and data hosted on Linux-based servers in a central data center. ...
SYS-CON Events announced today that 910Telecom will exhibit at the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. Housed in the classic Denver Gas & Electric Building, 910 15th St., 910Telecom is a carrier-neutral telecom hotel located in the heart of Denver. Adjacent to CenturyLink, AT&T, and Denver Main, 910Telecom offers connectivity to all major carriers, Internet service providers, Internet backbones and ...
Traditional on-premises data centers have long been the domain of modern data platforms like Apache Hadoop, meaning companies who build their business on public cloud were challenged to run Big Data processing and analytics at scale. But recent advancements in Hadoop performance, security, and most importantly cloud-native integrations, are giving organizations the ability to truly gain value from all their data. In his session at 19th Cloud Expo, David Tishgart, Director of Product Marketing ...
StarNet Communications Corp has announced the addition of three Secure Remote Desktop modules to its flagship X-Win32 PC X server. The new modules enable X-Win32 to safely tunnel the remote desktops from Linux and Unix servers to the user’s PC over encrypted SSH. Traditionally, users of PC X servers deploy the XDMCP protocol to display remote desktop environments such as the Gnome and KDE desktops on Linux servers and the CDE environment on Solaris Unix machines. XDMCP is used primarily on comp...
Almost two-thirds of companies either have or soon will have IoT as the backbone of their business in 2016. However, IoT is far more complex than most firms expected. How can you not get trapped in the pitfalls? In his session at @ThingsExpo, Tony Shan, a renowned visionary and thought leader, will introduce a holistic method of IoTification, which is the process of IoTifying the existing technology and business models to adopt and leverage IoT. He will drill down to the components in this fra...
DevOps at Cloud Expo – being held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA – announces that its Call for Papers is open. Born out of proven success in agile development, cloud computing, and process automation, DevOps is a macro trend you cannot afford to miss. From showcase success stories from early adopters and web-scale businesses, DevOps is expanding to organizations of all sizes, including the world's largest enterprises – and delivering real results. Am...
Internet of @ThingsExpo, taking place November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with 19th Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The Internet of Things (IoT) is the most profound change in personal and enterprise IT since the creation of the Worldwide Web more than 20 years ago. All major researchers estimate there will be tens of billions devices - comp...
As the world moves toward more DevOps and Microservices, application deployment to the cloud ought to become a lot simpler. The Microservices architecture, which is the basis of many new age distributed systems such as OpenStack, NetFlix and so on, is at the heart of Cloud Foundry - a complete developer-oriented Platform as a Service (PaaS) that is IaaS agnostic and supports vCloud, OpenStack and AWS. Serverless computing is revolutionizing computing. In his session at 19th Cloud Expo, Raghav...