Over 45 Cyber Security Courses at SANS 2018 in Orlando! Save up to $200 thru 2/28.


Negative Impacts of Disjointed Security and Response Functions: Results of SANS' Survey on Security Optimization

Centralization of functions, workflow and data needed to improve visibility and risk profile

  • Bethesda, MD
  • April 10, 2017

Organizations are asking for more centralized visibility and workflow across the prevention, detection and response functions, according to results of a new survey to be released by SANS Institute on April 20, 2017.

Survey results confirm what those in the field have known for a long time: There is a lack of centralization of information and visibility that affects organizational security. Shortages in reporting capabilities, either because of limitations in automation or centralization, are cited by 91% of the survey respondents. In addition, 87% report lack of visibility in risk posture, and 84% lack visibility into live threats under investigation.

Despite low rates of integration, the value of pooling security resources and functions is not lost on these respondents. In this survey, 63% of respondents see great value in integrating prevention, detection, response and remediation to improve visibility and accuracy and to reduce time investment, while 23% see at least some value.

"Although there is no obvious best practice, it seems clear that optimized security affects the entire organization and cannot be accomplished by multiple separate groups that don't interact with each other," says G.W. Ray Davidson, SANS Analyst and author of the survey results paper. "Organizations need to move toward a more unified security strategy that leverages centralized data through a documented system and shared knowledge and processes across teams and tools."

Full results of the survey will be shared during an April 20 webcast at 1 PM EDT, sponsored by ThreatConnect and hosted by SANS. Register to attend the webcast at www.sans.org/webcasts/102532

Those who register for the webcast will also receive access to the published results paper developed by SANS Analyst and security expert, G.W. Ray Davidson.

Tweet This:

How coordinated or disparate are your security and IR functions? | Register for April 20 webcast | www.sans.org/webcasts/102532

What risks are associated with lack of continuity between security and response? | Register for April 20 webcast | www.sans.org/webcasts/102532

April 20 webcast explores integration of security and IR functions and the effect on security | Register at www.sans.org/webcasts/102532

About SANS Institute

The SANS Institute was established in 1989 as a cooperative research and education organization. SANS is the most trusted and, by far, the largest provider of cyber security training and certification to professionals at governments and commercial institutions world-wide. Renowned SANS instructors teach over 50 different courses at more than 200 live cyber security training events as well as online. GIAC, an affiliate of the SANS Institute, validates employee qualifications via 30 hands-on, technical certifications in information security. The SANS Technology Institute, a regionally accredited independent subsidiary, offers master's degrees in cyber security. SANS offers a myriad of free resources to the InfoSec community including consensus projects, research reports, and newsletters; it also operates the Internet's early warning system--the Internet Storm Center. At the heart of SANS are the many security practitioners, representing varied global organizations from corporations to universities, working together to help the entire information security community. (https://www.sans.org)