Solera Networks released the results of a survey on network forensics which found that an overwhelming number of companies have recently experienced or expect to experience a significant network security breach within the next 36 months.
While many survey respondents believe incident response is necessary; most do not have the capabilities to determine the full scope of an incident when it occurs. This is daunting, given that 75 percent of the respondents believe that an attack will have a significant impact on their company brand and reputation.
Over 200 individuals participated in the survey. All belonged to organizations with at least 1,000 network nodes and either managed or were directly involved in the maintenance of their organization’s computer networks. Highlights of the findings include:
- More than 85 percent of respondents have either had a major network incident in the past 36 months or expect to have a major incident in the coming 36 months
- Over 75 percent of the survey participants agreed that a major security incident has a significant impact on the company’s brand and reputation
- Nearly half of the respondents say that when an attack occurs, it can take two to 10 or more days to determine the full scope of the incident
- Ninety-two (92) percent of respondents believe that it is important to have network forensics capabilities that can capture and record all network traffic; yet only 28 percent were very familiar with network forensic solutions
- While 76 percent feel that they need to do more and their organization would benefit from more incident response tools, about half of the respondents spend less than 25 percent of their overall security budget on incident response and a fourth don’t have an effective incident response plan in place.
“In 2008, more than 285 million records were compromised,” said Steve Shillingford, CEO of Solera Networks. “That number is staggering, and it’s only from 90 confirmed breaches. T-Mobile, Pepsi, Merrill Lynch and American Express are just a few companies that have been under attack and have experienced an impact to brand reputation and trust. It demonstrates that despite the many prevention tools that are in place, a breach is inevitable. Companies that want to quickly respond and remediate must have a comprehensive network forensics solution in place for incident response.”