Vectra AI has released a report on ‘The Evolving role of Network Detection and Response (NDR)’. The research found that 70 percent of organizations have fallen victim to an attack that used encrypted traffic to avoid detection. Almost half (45 percent) admitted they’ve fallen victim multiple times. Worryingly, two thirds (66 percent) still don’t have visibility into all their encrypted traffic, leaving them highly vulnerable to further encrypted attacks.
The report shows that cyber security and networking professionals are struggling against rapidly increasing threat detection and response workloads, preventing analysts from dealing with sophisticated threats.
Other key findings include:
- 45 percent of cyber security and networking professionals feel threat detection and response workloads have increased: 40 percent citing more resources in the cloud, and 36 percent more devices on the network.
- 37 percent believe sophistication of threats has increased making it difficult for analysts to spot legitimate attacks.
- 69 percent agree that the lag between exploitation and detection gives attackers too much time to breach a network – with 29 percent also citing communication issues between SOC and other IT teams.
- 23 percent believe SOC analysts do not have the right level of skills, and one-in-five (18 percent) believe they’re understaffed – suggesting security analysts are not equipped to deal with the scale of cyber attacks they face
- 60 percent of SMBs feel threat detection and response is now harder – showing smaller organizations are struggling to keep pace with the evolving cybercrime landscape.
About the research
The Evolving Role of NDR report – conducted by Enterprise Strategy Group (ESG) – surveyed 376 IT, cyber security, and networking professionals responsible for managing network security for their organizations.