Overconfidence Leaves Firms Exposed to Security Risk

Begin Learning Cyber Security for FREE Now!

Already a Member Login Here

Overconfidence Leaves Firms Exposed to Security Risk

Author: cyberwriter | Published on October 15, 2018 | Views: 2502

In July 2018, Cisco commissioned Forrester Consulting to carry out a study on endpoint and network security strategies. Forrester spoke with 115 IT decision makers, and published the results as a Forrester Opportunity Snapshot titled “Don’t Just Integrate, Automate”.
Survey respondents were asked, “On average, how long does it take to identify and remediate an information security incident (including a breach, suspicious threat, or infection) at your company?” to which the responses were:

  • Less than one hour, 22%
  • Between one and three hours, 34%
  • Between three and five hours, 25%
  • Between five and ten hours, 10%
  • Between 10 and 24 hours, 9%

Forrester noted that these response times are “shockingly fast” – a previous Forrester study, “Now Tech: Endpoint Detection and Response, Q1 2018”, indicates a much higher time-to-detection period of 100 days. So, what is the disconnect in the self-reported response times?

In the July 2018 survey, survey respondents were higher-level professionals: 14% were C-level executives, 24% were VPs, and 62% were directors. Chances are that higher-level decision makers are less aware of the time between detection and remediation. They may not fully understand that threats can go months without being detected. Because of this misunderstanding, firms are likely way more vulnerable than they think.

The difference between hours and months can have a dramatic impact on your business. Businesses must fully investigate how long the identification period is. If they are unable to investigate that or the identification period is months long, then they need to invest in security solutions that provide more visibility and automation. To ensure your overconfidence is not undermining your business, read the full Forrester Opportunity Snapshot, “Don’t Just Integrate, Automate”.

Author: Cisco, a Cyber Security Awareness Partner
cisco security risk

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Support Cybrary

Donate Here to Get This Month's Donor Badge


We recommend always using caution when following any link

Are you sure you want to continue?