Overconfidence Leaves Firms Exposed to Security Risk

In July 2018, Cisco commissioned Forrester Consulting to carry out a study on endpoint and network security strategies. Forrester spoke with 115 IT decision makers, and published the results as a Forrester Opportunity Snapshot titled “Don’t Just Integrate, Automate”. Survey respondents were asked, “On average, how long does it take to identify and remediate an information security incident (including a breach, suspicious threat, or infection) at your company?” to which the responses were:

• Less than one hour, 22%
• Between one and three hours, 34%
• Between three and five hours, 25%
• Between five and ten hours, 10%
• Between 10 and 24 hours, 9%

Forrester noted that these response times are “shockingly fast” – a previous Forrester study, “Now Tech: Endpoint Detection and Response, Q1 2018”, indicates a much higher time-to-detection period of 100 days. So, what is the disconnect in the self-reported response times?In the July 2018 survey, survey respondents were higher-level professionals: 14% were C-level executives, 24% were VPs, and 62% were directors. Chances are that higher-level decision makers are less aware of the time between detection and remediation. They may not fully understand that threats can go months without being detected. Because of this misunderstanding, firms are likely way more vulnerable than they think. The difference between hours and months can have a dramatic impact on your business. Businesses must fully investigate how long the identification period is. If they are unable to investigate that or the identification period is months long, then they need to invest in security solutions that provide more visibility and automation. To ensure your overconfidence is not undermining your business, read the full Forrester Opportunity Snapshot, “Don’t Just Integrate, Automate”.Author: Cisco, a Cyber Security Awareness Partner