Arbor Networks launched a new tool to help security teams assess their current incident response profile and capabilities versus their peers and state of the art practices.
The Arbor Assessment tool is based on a year-long set of in-depth interviews of security officers across multiple industries. Incident Response Profiles that used “proactive” processes and security resources to hunt for attacks and integrate threat intelligence actively into their response function, had found and contained advanced attacks much faster than those in Detect and Respond models.
Organisations that had matured their functions to include threat hunting and integrated intelligence processes reported mean dwell and contain times of under 21 days to identify, and less than 5 days to contain a threat. Industry averages are 10 times these metrics.
“There is a major shift happening in security today, not by choice, but out of necessity as organizations find themselves lagging behind attackers who are launching extremely targeted, advanced threat attack campaigns. The problem is how long it takes to find and identify the attacks, and then validate and contain the threat. It’s a combination of data overload and alert fatigue for many. Organizations are looking at how they can structure and approach security operations and incident functions and teams differently to face-off against the new attack landscape more effectively. We are hopeful that this assessment tool is just one of the ways we can help organizations evolve their practices to close the gap against attackers.” said, Matthew Moynahan, president of Arbor Networks.