Last Day to Save $400 on 4-6 Day Courses at SANS Cyber Defense Initiative 2017!

Press


New SANS Institute Survey Shows Data Breach Prevention Practices Are Evolving

Practitioners Are Working to Understand and Implement Effective Preventive Measures

  • Bethesda, MD
  • September 7, 2016

Despite the potential costs, legal consequences and other negative outcomes of data breaches, they continue to happen. A new SANS Institute survey looks at the preventive aspect of breaches - and what security and IT practitioners actually are, or are not, implementing for prevention.

The survey, Breach Detected! Could It Have Been Prevented?, looked at how practitioners might overcome barriers to implementing effective prevention, including developing clear requirements and defining specific preventive measures, such as the role of automation, threat intelligence and others.

The survey also illustrates an apparent disconnect between what is considered preventive by the majority of respondents and the measures that have been implemented for prevention:

  • 85 percent of respondents consider blocking known malware as a preventive measure, yet less than half (40 percent) have implemented these methods;
  • 63 percent consider robust testing is preventive, while only 39 percent have implemented robust testing;
  • Nearly 60 percent consider metrics-based evaluation and reporting preventive but only 40 percent are using evaluation and reporting.

Said SANS Institute senior analyst and survey paper author Barbara Filkins, "Many data breaches can be avoided or the impact mitigated, but preventing them continues to be a challenge in the real world. The survey illustrates the disconnect between what respondents consider preventive controls versus what they have implemented as preventive measures."

Respondents indicated that lack of enough staffing, inadequate budgets and a deficit of skills are barriers to preventing breaches. Limitations in legacy infrastructure also emerged as a factor prohibiting organization from not being more proactive in protecting critical data.

"We must change the way we think about cybersecurity today and address the gap between understanding preventative measures and actually implementing them," said Rick Howard, chief security officer, Palo Alto Networks. "If we adopt a breach prevention-oriented mindset, the combination of next-generation technology, improvements in processes and training, and real-time sharing of threat intelligence, organizations can vastly reduce the number of successful attacks and restore the digital trust we all require for our global economy."

"Data collected from survey respondents points to the need to better define prevention in terms of the metrics (qualitative or quantitative) that can be used to explain and justify preventive measures to management/decision makers in an organization," said Filkins.

The survey also looked at how practitioners might overcome barriers to implementing effective prevention, including developing clear requirements and defining specific preventive measures, including the role of automation, threat intelligence and others.

Full results will be shared during a free webcast Tuesday, Sept. 13, 1:00 p.m. Eastern Standard Time, sponsored by Palo Alto Networks.

Register to attend the complimentary webcast at:
http://www.sans.org/webcasts/breach-detected-prevented-102292
Those who register for the webcast will also receive access to the published results paper.

Tweet this:


Breach Detected! Could It Have Been Prevented?" SANS 2016 Data Breach Survey results w/ @PaloAltoNtwks 9/13 1PM EDT www.sans.org/u/kQM

UPCOMING WEBCAST! Don't miss the SANS 2016 Data Breach Prevention Survey results w/ @PaloAltoNtwks | 9/13 @ 1PM EDT| www.sans.org/u/kQM

About SANS Institute

The SANS Institute was established in 1989 as a cooperative research and education organization. SANS is the most trusted and, by far, the largest provider of cyber security training and certification to professionals at governments and commercial institutions world-wide. Renowned SANS instructors teach over 50 different courses at more than 200 live cyber security training events as well as online. GIAC, an affiliate of the SANS Institute, validates employee qualifications via 30 hands-on, technical certifications in information security. The SANS Technology Institute, a regionally accredited independent subsidiary, offers master's degrees in cyber security. SANS offers a myriad of free resources to the InfoSec community including consensus projects, research reports, and newsletters; it also operates the Internet's early warning system--the Internet Storm Center. At the heart of SANS are the many security practitioners, representing varied global organizations from corporations to universities, working together to help the entire information security community. (https://www.sans.org)