Analytics Usage Improves: Results of SANS' 2016 Survey on Security Analytics

Analytics Usage Up, Automation Improving, Personnel/Training/Funding Remain Key Impediments

BETHESDA, Md., Nov. 30, 2016 /PRNewswire-USNewswire/ -- Cyber security professionals have become more aware of the value of analytics and have moved beyond using analytics for detection and response to using analytics to measure and improve their overall risk posture, according to results of a new survey to be released by SANS Institute in a two-part webcast on December 7 and December 8, 2016.

"Each year more and more organizations look to security analytics to shore up their cyber security defenses," says SANS senior instructor and author of the report, Dave Shackleford. In the survey, only 11% of respondents either don't use analytics or don't know that they do.

Of the 44% who were able to quantify improvements, 17% reported increased visibility into actual events or breaches, and 11% reported improved detection of unknown threats, with an equal percentage noting reduced duration of events.

Utilization of security analytics is slowly rising, but there is much room for improvement in the use of analytics, results show.

As in previous SANS surveys on security analytics, the greatest impediments to implementing analytics and reaping the advantages of security analytics continue to be lack of qualified staff and funding/resources to implement programs. Because of these shortcomings, 49% have prioritized investment in personnel/training, 42% are looking to make detection and security operations center upgrades and 29% plan to invest in integrating incident response into their analytics programs in the coming years.

"One of the best ways to overcome shortages in staffing and funding is through automation," adds Shackleford. "Machine learning offers insights that could help less-skilled analysts with faster detection, automatic reuse of patterns detected and more, leading to related improvements in risk posture."

In this survey, 54% of respondents rated their programs as being "Fairly automated," while only 4% considered their programs to be fully automated. Unfortunately, only 22% said they deployed machine analytics to enable better, faster decision making, while 54% said their programs did not use machine learning as part of their analytics programs, and 24% didn't know.

Full results will be shared during a two-part webcast at 1 PM EDT on both December 7 and December 8, sponsored by AlienVault, Anomali, LogRhythm, LookingGlass Cyber Solutions, and Rapid7, and hosted by SANS.

The Part 1 webcast, held December 7, focuses on how organizations are utilizing security analytics during real threat events, how they're utilizing analytics and intelligence, and how automated their processes are. Register for Part 1 at www.sans.org/webcasts/102630

The Part 2 webcast, held the following day on December 8, focuses on improvements in risk posture associated with security analytics as well as best practices for implementing analytics programs: Register at www.sans.org/webcasts/102635

Those who register for the webcasts will also receive access to the published results paper developed by SANS Analyst and cyber security expert, Dave Shackleford.

About SANS Institute
The SANS Institute was established in 1989 as a cooperative research and education organization. SANS is the most trusted and, by far, the largest provider of training and certification to professionals at governments and commercial institutions world-wide. Renowned SANS instructors teach over 50 different courses at more than 200 live cyber security training events as well as online. GIAC, an affiliate of the SANS Institute, validates employee qualifications via 30 hands-on, technical certifications in information security. The SANS Technology Institute, a regionally accredited independent subsidiary, offers master's degrees in cyber security. SANS offers a myriad of free resources to the InfoSec community including consensus projects, research reports, and newsletters; it also operates the Internet's early warning system--the Internet Storm Center. At the heart of SANS are the many security practitioners, representing varied global organizations from corporations to universities, working together to help the entire information security community. (www.SANS.org)

 

To view the original version on PR Newswire, visit: http://www.prnewswire.com/news-releases/analytics-usage-improves-results-of-sans-2016-survey-on-security-analytics-300370590.html

SOURCE SANS Institute
