Security Pros Want Automated Security, but Hesitate to Deploy It
Two-thirds of security pros polled say automating security analysis is very important to help defend networks, but only about a third of firms have adopted the technology.While nearly two-thirds of security practitioners consider the analysis of device data for security to be very important to protect their networks, only 36 percent of companies currently use data analytics for defense, according to survey data released by the Ponemon Institute on Oct. 28. The survey, based on interviews with more than 600 IT security practitioners and sponsored by security-analytics firm Prelert, found that most security experts considered the automated analysis of security data to be very important to detecting future attacks, but that most companies still relied on human analysts to prioritize potential security alerts. The gap between the perceived usefulness of automated security analysis and the actual deployment of such products suggests that security professionals are worried about the capabilities of existing security-analytics solutions or believe that they are not a target, Larry Ponemon, chairman and founder of the Ponemon Institute, said in a statement. "This research reveals some major disconnects that IT professionals seem to have between perception and reality," he said. "While even circumstantial evidence points to the increasing volume and severity of cyber-threats, it's shocking to learn that half of security pros don't even view themselves as a target." The survey's release comes as information sharing and analysis has become a major political issue. While the U.S. Senate's passage of the Cybersecurity Information Sharing Act (CISA) has put external threat intelligence front and center, the Ponemon report suggests that most companies would be better served by finding ways to use existing information in an automated way.
"While the industry will continue to strive for better (and) faster external threat information, organizations can use security analytics today, including machine-learning technology, to gain internal threat intelligence by baselining normal behaviors and detecting anomalies," Mike Paquette, vice president of products for Prelert, told eWEEK in an email.