Korea Zinc Plans $6.78 Billion U.S. Smelter Investment With Government Partnership 
FAA Unveils Flight Plan 2026 to Strengthen Aviation Safety and Workforce Development 
California Jury Awards $40 Million in Johnson & Johnson Talc Cancer Lawsuit 
SpaceX Begins IPO Preparations as Wall Street Banks Line Up for Advisory Roles 
SUPERFORTUNE Launches AI-Powered Mobile App, Expanding Beyond Web3 Into $392 Billion Metaphysics Market 
Woolworths Faces Fresh Class Action Over Alleged Underpayments, Shares Slide 
Blackstone Leads $400 Million Funding Round in Cyera at $9 Billion Valuation 
United Airlines Tokyo-Bound Flight Returns to Dulles After Engine Failure 
Apple Explores India for iPhone Chip Assembly as Manufacturing Push Accelerates 
Coca-Cola’s Proposed Sale of Costa Coffee Faces Uncertainty Amid Price Dispute 
Shell M&A Chief Exits After BP Takeover Proposal Rejected 
Fortescue Expands Copper Portfolio With Full Takeover of Alta Copper 
Sanofi’s Efdoralprin Alfa Gains EMA Orphan Status for Rare Lung Disease 
Nvidia Weighs Expanding H200 AI Chip Production as China Demand Surges 
Trump Sues BBC for Defamation Over Edited Capitol Riot Speech Clip 
HSBC’s $13.6 Billion Take-Private Offer for Hang Seng Bank Gains Board Backing 
Biren Technology Targets Hong Kong IPO to Raise $300 Million Amid China’s AI Chip Push 
BOSTON, Jan. 13, 2016 (GLOBE NEWSWIRE) -- Rapid7, Inc. (NASDAQ:RPD), a leading provider of security data and analytics solutions, today released the results of its 2015 Incident Detection and Response Survey. The survey includes findings from hundreds of security professionals at organizations of varied sizes across the globe on their biggest security concerns and planned initiatives for 2016. Punctuating the results were two key points: (1) 90% of organizations are worried about compromised credentials, though 60% say they cannot catch these types of attacks today; and (2) 62% of organizations are receiving more alerts than they can feasibly investigate.
These key findings are strongly underscored by the fact that compromised credentials have been the leading attack vector for the last five years according to the Verizon 2015 Data Breach and Investigations Report. Additionally, intruders generally remain undetected for an average of 197 days within retail organizations and 98 days within financial services organizations once they’ve breached a network.
“Security professionals are struggling to detect and investigate incidents because the monitoring solutions available do not provide visibility into today’s modern IT environments and cannot give users the insight they need to make decisions quickly,” said Lee Weiner, senior vice president of products and engineering at Rapid7. “This lack of understanding – or context – is causing massive alert fatigue and leaving companies unable to effectively detect the most used attack method today: compromised credentials.”
Information security teams are expected to mitigate risk in sprawling environments, where employees are remotely accessing the network, at any time, from any place. The network perimeter has now expanded to include cloud services, mobile devices, and global workforces that encompass partners and contractors, making prevention as the sole security strategy effectively obsolete. Preventative solutions alone cannot protect against many of the most common attack vectors behind breaches, such as phishing and stolen credentials.
In an effort to better monitor their IT environments, security teams are investing further in incident detection and response solutions to detect and contain compromise when it occurs. However, while 55% of organizations say they are using a SIEM (Security Information and Event Management) to aid with incident detection and response, alarmingly, 62% of these organizations report receiving more alerts than they can handle. In addition, SIEMs are not being used to monitor cloud services in use, leaving organizations blind to this important part of modern IT environments.
Additional highlights from the survey include:
- 45% of respondents plan to increase spending on incident response programs and solutions
- Only 1/3 of organizations report visibility into cloud services, while 79% of respondents reported allowing the use of at least one cloud service within their organization
- The top three challenges facing security teams today are: (1) no visibility into user risk; (2) more alerts than the security team can handle; and (3) investigations that take too long
To view the full report from Rapid7 or register for our webcast, visit: http://www.rapid7.com/resources/incident-detection-response-survey.jsp
About Rapid7
Rapid7 is a leading provider of security data and analytics solutions that enable organizations to implement an active, analytics-driven approach to cyber security. We combine our extensive experience in security data and analytics and deep insight into attacker behaviors and techniques to make sense of the wealth of data available to organizations about their IT environments and users. Our solutions empower organizations to prevent attacks by providing visibility into vulnerabilities and to rapidly detect compromises, respond to breaches, and correct the underlying causes of attacks. Rapid7 is trusted by more than 4,400 organizations across 90 countries, including 35% of the Fortune 1000. To learn more about Rapid7 or get involved in our threat research, visit www.rapid7.com.
Press Contact: Rachel E. Adam Senior PR Manager 857-415-4443 [email protected]
