The average global response to a cyberattack is 20.9 hours, according to the recently released Deep Instinct Voice of SecOps Report. Security operations professionals cite threats from within as a persistent issue; 86 percent do not have confidence that their fellow employees will not click on malicious links, easily allowing threats into an environment and initiating an attack or breach.
The report surveyed cybersecurity professionals about their top concerns and focuses, including:
- Concerns about addressing cyberattacks: The lack of threat prevention specific to previously unseen malware (44%) is a top concern. Hidden persistence, whereby threat actors discretely maintain long-term access to systems despite disruptions such as restarts or changed credentials, is the most feared tactic used by attackers to launch large-scale attacks (40%). Finally, a lack of qualified security operations staff (35%) causes challenges for incident response, especially amongst those working in healthcare (52%) and the public sector (55%).
- Complete endpoint security coverage remains elusive: Nearly all cybersecurity leaders surveyed (99%) believe they don’t have every endpoint in their company secured by at least one agent. One-third (32%) of respondents claim that every endpoint has the same level of protection, with a majority of 60% claiming they are unable to consistently block threats across endpoints.
- Cloud storage and malicious file challenges: Files stored in the cloud are an unchecked vulnerability for 80% of respondents. Sixty-eight percent of respondents had some concern with fellow employees unwittingly uploading malicious files and compromising environments.
The report surveyed from 1,500 senior cybersecurity professionals across 11 countries, representing various sectors: financial services, retail and eCommerce, healthcare, manufacturing, government, critical infrastructure and technology-related businesses.
Read more report findings here.
Source: https://www.securitymagazine.com/articles/96344-insider-risk-slow-cyberattack-response-among-worries-for-security-professionals