Businesses Lack Resources to Defend Against Cyber-Attacks | eWeek

Businesses Lack Resources to Defend Against Cyber-Attacks

it security and sans
Écrit par
Nathan Eddy
Nathan Eddy
Nov 16, 2015
2 minute read
eWeek Le contenu et les recommandations de produits sont indépendants de la rédaction. Nous pouvons gagner de l'argent lorsque vous cliquez sur des liens vers nos partenaires. En savoir plus

Although cyber-security breaches have increased 66 percent year over year since 2009, a survey of 476 security and business executives from the SANS Institute, commissioned by DomainTools, indicated that enterprises are falling behind.

Nearly 60 percent of respondents said they are lacking the skills and resources to adequately protect themselves from a breach, doubling since 2014.

“Without question, the biggest shock is that year-on-year we see a doubling of the respondents who say they do not have enough skilled personnel and dedicated resources,” Tim Chen, CEO of DomainTools, told eWEEK. “While it is clear that cyber-attacks continue to grow in number and scope, I was under the hopeful impression that investments in the teams and technologies needed to fight these threats were at least keeping pace. Clearly, that is not the case.”

However, part of this trend is driven by organizations coming to grips with the true magnitude of their cyber-security risk profiles, Chen said.

The research points to an industrywide disconnect, with 43 percent of enterprises fully understanding the importance of cyber-threat solutions but relying on manual processes to protect their organizations.

Only 9 percent of the analytics and intelligence processes used for identifying a breach are automated, according to the survey findings.

“There needs to be more investment in automation and accurate alert prioritization. Vendors need to be working together on integrating their solutions by doing things like building APIs and publishing data in standard formats,” Chen said. “And we need to be able to flag IOCs [indicators of compromise] better, faster or more accurately, showing our customers which ones are the most nefarious and deserve the attention of their limited resources. This is where data and analytics can really be an enabler.”

Almost half of respondents said they are actively integrating data from external threat intelligence providers, and another 31 percent are planning to do so in the future.

The research also found that, that the vast majority (81 percent) are not implementing continuous security models to unearth an attack in real time, but are manually uncovering the attack weeks or months later.

“Security solutions need to be easier to implement and use, and their value proposition has to be clear and ongoing,” Chen said. “On the first point, if in-house security organizations have a shortfall of analysts or engineers, then vendors must build products that are easy to spin up, learn and use and that leverage the staff person’s time and skill set.

“On the second point, we know that many customers are frustrated that certain security solutions they may have bought previously are not living up to the hype they heard during the sales cycle,” he added. “There is a heavier burden of proof on vendors as we head into 2016, and that is a good thing.”

eWeek Logo

eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site's focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

Propriété de TechnologyAdvice. © 2026 TechnologyAdvice. Tous droits réservés

Divulgation publicitaire : Certains des produits qui apparaissent sur ce site proviennent d'entreprises dont TechnologyAdvice reçoit une compensation. Cette compensation peut influencer la façon dont les produits apparaissent sur ce site, notamment l'ordre dans lequel ils apparaissent. TechnologyAdvice n'inclut pas toutes les entreprises ou tous les types de produits disponibles sur le marché.