It seems organizations are still struggling with two core issues in the modern enterprise: responding swiftly to breaches and securing their cloud deployments.
That’s the headline takeaway from the State of Dynamic Data Center and Cloud Security in the Modern Enterprise survey from SANS that was released earlier this week. The survey was based on responses from 430 private and public sector security and risk professionals from the SANS community. Respondents come from enterprises with as few as 100 employees to those with over 15,000 employees.
The survey found that a sobering 44% of respondents had sensitive data accessed without authorization. Additionally, 28% of organizations have experienced up to six data breaches in the past 24 months.
The survey also found that mature security technologies, such as firewalls, intrusion detection/prevention systems, and antimalware software are deployed within 75% to 96% of enterprises surveyed. No big surprise there.
While too many enterprises are struggling in their ability to stop attacks, they’re also struggling to respond to attacks underway. According to the survey, 59 percent of respondents claimed to be able to contain attacks within 24 hours. Not bad. Here was the breakdown in the breach containment assertions by respondents:
37% — up to 8 hours
21% — up to 24 hours
19% — less than a week
17% — more than a week
Not surprisingly, more than half of respondents, or 55%, were dissatisfied with the length of time it takes them to stop and respond to attacks.
I would conclude that such a disparity in response times comes down to the types of breach detection tools installed and the response teams in place and the skills of the team members. I think many organizations are probably overly optimistic in their ability to respond to and contain breaches within 8 hours.
The survey results also found that, when it comes to cloud security, enterprises report lacking the technologies and abilities to mitigate and control specific challenges in cloud environments. While 37% of organizations in the survey use distributed cloud and data center systems, 44% of respondents said their biggest challenge was lack of visibility into those systems, and 19% said their cloud providers don’t offer the support they need.
Not that these enterprises actually understood the support or security services they need. Nearly half, or 49 percent, have no formal cloud security strategy in place.
If surveys like this one and others are reflective of reality, we are going to be grappling with cloud security issues for many more years ahead.
The survey is available here.