IT professionals ‘overconfident in cyber attack detection’: study

Published: Tuesday, 16 February 2016 09:01

Tripwire, Inc., has published the results of an extensive study conducted by Dimensional Research on its behalf. The study evaluated the confidence of IT professionals regarding the efficacy of seven key security controls that must be in place to quickly detect a cyber attack in progress. Study respondents included 763 IT professionals from retail, energy, financial services and public sector organizations in the US.

The majority of the respondents displayed high levels of confidence in their ability to detect a data breach even though they were unsure how long it would take automated tools to discover key indicators of compromise. For example, when asked how long it would take automated tools to detect unauthorized configuration changes to an endpoint on their organizations’ networks, 67 percent only had a general idea, were unsure or did not use automated tools. However, when asked how long it would take to detect a configuration change to an endpoint on their organizations’ networks, 71 percent believed it would happen within minutes or hours. Configuration changes are a hallmark of malicious covert activity.

Additional study findings include:

The study is based on seven key security controls required by a wide variety of security regulations, including PCI DSS, SOX, NERC CIP, MAS TRM, NIST 800-53 and IRS 1075.
