Some 44 percent of IT professionals said their endpoint systems have been compromised within the last 24 months, while 15 percent reported that they didn’t know how many threats were detected through proactive hunting, a recent survey shows.
More than a quarter of respondents were notified of a breach by a third party.
One in four employees surveyed admit they couldn’t acquire the information about unauthorized sensitive data that they need to detect threats, 39 percent reported they can’t get endpoint data from memory-based artifacts and 33 percent couldn’t access data on fingerprint running applications.
Some 74 percent of IT professionals want results from endpoint queries in an hour or less and 38 percent want it in five minutes or less. This once again underscores that the ability to quickly investigate is a top priority for companies.
Some 65 percent of respondents said that determining the impacted data on breached endpoints and determining the scope of a threat across multiple endpoints was impossible. Limited visibility into the impact of a breach will harm an organization’s ability to remediate the damage.
SANS surveyed globally 829 IT professionals, including security analysts, security managers, chief information security officers, IT managers or CIOs.