Research Exposes Organizations' Struggles to Cope with Incident Response Demands

By CIOReview | Wednesday, March 16, 2016

PALO ALTO, CA: In an attempt to assess the current practices and challenges in Incident Response (IR) processes, enterprise security company Phantom conducted a research in collaboration with Enterprise Strategy Group (ESG), surveying 125 IT and cybersecurity professionals. The research revealed that 74 percent of companies ignore security alerts, as they cannot cope with the overwhelming volume of IR demands. Furthermore, respondents were asked about their future strategic plans intended to improve the efficacy and efficiency of IR activities while exploring the need for security automation and orchestration in organizations.

Based on the data collected, the research found that 92 percent of respondents consider difference in skill levels among the employees as a major factor in handling incident responses. 67 percent of organizations believe, IR is significantly more difficult than it was two years ago while 69 percent claimed IR could be managed effectively through automation and orchestration. Then again, a vast majority (80%) of organizations intends to increase spending on incident response over the next two years by intensifying IR training, hiring personnel, and creating a dedicated SOC/CERT.

“Organizations are constantly trying to balance their resources when it comes to identifying and remediating today’s sophisticated attacks,” said Jon Oltsik, Principal Analyst, Enterprise Strategy Group. “As more and more organizations realize the significance of effective incident response, we are seeing an increase in budgets with the intention to adopt more automated solutions. The market is becoming ripe for solutions that not only make it easier for security teams to do their jobs, but also enhance current security investments through strategic automation and orchestration.”

However, in order to help organizations tackle their security challenges, Phantom has come up with a solution that addresses everything from preventative protection and incident response, to regeneration of the environment. Phantom orchestrates key stages of security operations from prevention to triage and resolution. Additionally, Phantom “Playbooks” simplifies complex workflows, thereby enabling organizations to perform security operations within a matter of seconds.

“It has become very clear that security risks are only going to increase, and in order to stay ahead of the threat curve, companies can no longer rely on manual processes. At Phantom we strive to give our customers the automation and orchestration necessary to enable them to get the most out of their security investments and make it much easier to address pertinent incidents,” added Oliver Friedrichs, Co-founder & CEO, Phantom.