Enterprises Identify Incident Detection Weaknesses
In the past, many large organizations spent about 70% of their security budgets on prevention and the remaining 30% on incident detection and response. Prevention is still important but given the insidious threat landscape, enterprises must assume that they will be breached. This means that they need the right processes, skills, and security analytics to detect and respond to security incidents effectively, efficiently, and in a timely manner.
Which areas of incident detection/response need the most attention? In a recent research project, ESG asked 315 security professionals working at enterprise organizations (i.e. more than 1,000 employees) to identify incident detection/response areas where their organizations are particularly weak. Here’s a synopsis of the ESG research along with my editorial comments:
To read the complete article, CLICK HERE