Enterprises continue to struggle with breach response, cloud security


It seems organizations in the modern enterprise are still struggling with two core issues: responding swiftly to breaches and securing their cloud deployments.

That’s the headline takeaway from the State of Dynamic Data Center and Cloud Security in the Modern Enterprise survey from SANS that was released earlier this week. The survey was based on responses from 430 private- and public-sector security and risk professionals from the SANS community. Respondents come from enterprises ranging from as few as 100 employees to over 15,000 employees.

The survey found that a sobering 44% of respondents had sensitive data accessed without authorization. Additionally, 28% of organizations have experienced up to six data breaches in the past 24 months.

The survey also found that mature security technologies, such as firewalls, intrusion detection/prevention systems, and antimalware software, are deployed within 75% to 96% of enterprises surveyed. No big surprise there.

While too many enterprises are struggling in their ability to stop attacks, they’re also struggling to respond to attacks underway. According to the survey, 59 percent of respondents claimed to be able to contain attacks within 24 hours. Not bad. Here was the breakdown in the breach containment assertions by respondents:

37% — up to 8 hours

21% — up to 24 hours

19% — less than a week

17% — more than a week

Not surprisingly, more than half, or 55%, of respondents were dissatisfied with the length of time it takes them to stop and respond to attacks.

I would conclude that such a disparity in response times comes down to the types of breach-detection tools installed, the response teams in place, and the skills of the team members. I think many organizations are probably overly optimistic in their ability to respond to and contain breaches within 8 hours.

On cloud security, the survey found that enterprises report lacking the technologies and abilities to mitigate and control specific challenges in cloud environments. While 37% of organizations in the survey use distributed cloud and data center systems, 44% of respondents said their biggest challenge was lack of visibility into those systems, and 19% said their cloud providers don’t offer the support they need.

Not that these enterprises actually understood the support or security services they need. Nearly half, or 49 percent, have no formal cloud security strategy in place.

If surveys like this one and others are reflective of reality, we are going to be grappling with cloud security issues for many more years ahead.

The survey is available here.


  1. I’ve always thought that the best approach to these questions begins with carefully planned IAM, including strict password policies. Do you assume, as I do, that most companies take the easy way out on these?

