Collaboration may be the key to improving the security operations designed to combat today’s advanced security threats, according to a new survey by Intel Security.
Intel Security’s report, “How Collaboration Can Optimize Security Operations,” is based on a survey of 565 security decision makers worldwide. The survey’s findings revealed that organizations could be anywhere between 38 to 100 percent more successful in preparing for possible cyberattacks if threat management, response personnel, and systems worked better together.
“Collaboration is not just an abstract concept, it’s a practical and necessary ‘secret weapon’ in your defense against today’s advanced threats,” the report stated.
By harnessing the power of information sharing organizations can improve their security operations and play a vital role in alleviating the growing shortage of skilled cybersecurity professionals.
As Homeland Security Today previously reported, spurred by the rising number and sophistication of cyberattacks, the demand for cybersecurity professionals is growing four times faster than the overall IT job market, and 12 times faster than the total labor market, according to a March 2014 report by Boston-based Burning Glass International Inc.
In an exclusive statement to Homeland Security Today, Scott Montgomery,Chief Technology Strategist and Vice President, Intel Security, said, “Many organizations are making greater investments in detection tools but still believe they are behind the curve in detecting and mitigating attacks on their networks. Simple changes in policy that foster greater collaboration between the Chief Information Security Officer, network administrators, and incident responders can help alleviate that.”
With the escalation in cyber intrusions, it has become imperative that organizations work harder than ever to protect their assets. The survey revealed that on average, it takes 8 working days for a security investigation to be completed; this includes time from detection to end of clean up. Additionally, 1 in 5 companies utilize between 6 to 15 tools to resolve incidents, with operations teams who concentrate on security taking an average of 4 tools to complete their work.
Advanced threat and incident management tools play a crucial role in migrating threats, with companies who have these solutions performing twice as many investigations as companies without them.
Having advanced security measures creates a sound environment for communication and collaboration. With enhanced awareness, people are more cognizant of the contributions they make in upholding threat management objectives. Yet, there remains the challenges of how people share their information and the level of trust among internal teams.
People within organizations need to learn to trust one another, and by doing so, will become more open to personal responsibility and stronger communication.
“When an emergency security incident strikes, weak collaboration and poor coordination among critical business functions will magnify and stigmatize any inefficiency in the IR process, impacting the organization’s ability to minimize damage and downtime,” said Ismael Valenzuela, IR/Forensics Technical Practice Manager, Foundstone Services, Intel Security. “When we train our customers’ incident response teams, 90 percent of our efforts go to stronger interlock and collaboration between key stakeholders.”
More than 1 in 10 of survey respondents believed that their team could be 100 percent more effective in their efforts as a result of centralized collaboration. Making investments in personnel and information sharing are a couple of the key steps organizations need to take to overcome the fragmented approach that characterizes many security operations approaches today.
“Our report shows that organizations that can improve communication, transparency and accountability between these stakeholders, as well as implement some automation, could enable more rapid detection, fewer errors, higher confidence and a faster time to correct cyberattacks,” said Montgomery.
