The Latest

Security team size at the largest organizations does not scale with the overall number of employees, but those teams are more likely to include staff in specialized roles, according to the results of the latest survey conducted by Osterman Research in partnership with ProtectWise.

The similarities

The researchers interviewed 400 security analysts in the US to uncover the state of network security across mid-sized and large organizations, and found that despite a number of differences, mid-sized and large organizations share a number of pain points:

  • Two-thirds of all respondents deal with security overload by prioritizing the highest value targets
  • Nearly half of the respondents would like for data to be retained longer
  • The polled analysts anticipate they will spend more time both on processing security incident logs and remediating security incidents over the next two years.

The differences

The research also pinpointed some of the differences. As noted before, large organizations generally do not have a much larger security team than mid-sized ones.

“The mean number of employees at the largest organizations surveyed was almost 26,000. These companies had an average of 17.5 security personnel, or one security pro for every 1,488 employees,” the survey showed.

At the same time, the mean number of employees at the midsized companies surveyed was almost 2,510 (an average of 13.3 security personnel, i.e., one security pro for every 189 employees).

“This means that security pros at the largest organizations are unable to dedicate the same number of person-hours per 1000 employees as smaller companies can,” the researchers noted.

While keeping in mind that larger organizations face a greater number of threats and generally experience a higher rate of false positives, the survey results show that security teams at the largest organizations spend fewer hours on detecting and remediating threats than those at mid-sized companies, but more hours reviewing incident logs.

“Security teams within smaller organizations spend more time and resources on triage. Meanwhile, security teams in the largest organizations are prioritizing threat intelligence, forensics and threat hunting,” the researchers pointed out.

Another thing that differentiates the security teams of large organizations and mid-sized ones is the number of specialized roles:


“Among various specializations, organizations with threat intelligence specialties appear to gain the most significant benefits. Having a TI role does not save security staff any time investigating alerts, but it does save time in detection/understanding of threats,” they noted.

“Effectiveness seems to increase as teams transition from a simple focus on triage, to triage and threat hunting, finally evolving to triage, threat hunting and threat intelligence.”

Finally, while more than 50 percent of organizations are using both endpoint and network security tools for remediation, the reliance on endpoint-only tools decreases as organization size increases.

“Despite the amount of public discussion and buzz, use of endpoint security to remediate security incidents may be more of an entry-level approach to security management for smaller companies, with organizations graduating to network security as the size of the organization, security team and the number of alerts and threats increases,” the researchers pointed out.


from Help Net Security https://ift.tt/2N5gGmr

As of September 2018, it’s been one year since the historic Equifax mega data breach that impacted nearly half of all consumers in the U.S. Since this monumental invasion of personal data, fraudsters have shown little to no sign of slowing down, as evidenced by the continued emergence of additional data breaches. In fact, within the past year alone, nearly 30 percent of U.S. consumers have been notified of a breach impacting their own personal information, which represents a 12 percent increase since 2016.

In the wake of these widespread data breaches, many organizations have quickly increased their cybersecurity spend and embraced new identity protection protocols to protect their customers’ information. The challenge with this approach is that while technology has historically moved and evolved rapidly to support changes in business and consumer demands, the security protocols surrounding it have had difficulty keeping pace.

Credit freezes are not the panacea

While many businesses have begun to implement comprehensive identity protection services to secure customers’ personal information, they also need to ensure they are leveraging the most robust security offerings. Although customers often turn to their service provider as the first line of defense if they believe their personal information has been compromised or if they are victims of identity fraud, there are times when they will try to manage such an incident on their own. Resolving an identity crime can easily take anywhere from 30 to over 600 hours depending on the depth of fraud.

Compounded by new U.S. legislation that provides consumers with free credit freezes, there is also further consumer confusion about what you really need to do to protect yourself. Credit freezes alone aren’t enough: they only help protect against new accounts opened in your name, which is actually one of the rarest types of identity theft out there, affecting only four percent of victims. Clearly, if you aren’t providing an effective, comprehensive, and timely security response to digital identity theft and fraud, your customers may take their business elsewhere, as awareness is growing with the ubiquity of data breaches.

Identity protection matters to your customers

In order to secure consumer information as fraudsters continue to leverage new forms of technology, advancements around cyber and identity protection need to be ingrained as part of the ongoing strategic corporate vision. But how? With a 392 percent increase in data breaches over the past decade, there’s no time to waste in identifying and incorporating the changes that need to be made.

The goal in taking advantage of new approaches and technologies to better serve customers should also involve ensuring that the latest innovations support and improve security and compliance. Not only will this assist in managing a well-rounded company image, but it has been proven that upon offering a service like identity theft protection, customer retention rises. Case in point: one study underscores that 97 percent of new account holders who adopt identity protection offerings remain a customer.

Secure today, secure tomorrow with digital identity theft protection

When it comes to comprehensive offerings, consumers want services that can be customized based on their specific needs. This allows for the unique wants and needs of both customers and the business to be met while ensuring the right security measures. The technology leveraged for these processes should be easy-to-use, allowing for customers to intuitively navigate the capabilities from their computer, smartphone, or other electronic device quickly. Most importantly, the services also need to be highly flexible in order to grow and evolve as the factors impacting business and customers continually pivot.

Speaking of flexibility, in today’s highly connected world, there are constant updates to the technology customers use. From identity protection to other cybersecurity solutions, all comprehensive services should keep up with emerging technologies so that customers feel their information is safe and still viewed as important by their providers.

Providing these robust security offerings clearly brings advantages to consumers, but also positively impacts the business by providing an added touch point to communicate with customers. These points of contact allow for the business to continuously remind the customer just how valued they are by their financial provider, but also all that is being done to ensure the safety of their personal information. These frequent status updates can be executed in a number of ways from email, to app notification, to a text message.

Not only do these capabilities showcase the fact that these businesses care for their customers, but they also give them the opportunity to offer white-glove resolution and recovery services if and when an identity crime does occur (collapsing the massive amount of time customers themselves would need to spend doing paperwork, making phone calls, providing validation, and much more). By offering these capabilities to customers, your company will be able to reinforce tangible value, which can fuel increased loyalty and decrease attrition.

At the end of the day, no one can argue the value of putting additional security measures in place to protect today’s consumers and businesses. With fraudsters gaining access to the same level of technology driving the next big innovation to disrupt our lives, the question is not “if,” but “when” the next big data breach will hit. Take the right measures today and tomorrow with the services and solutions your customers need to protect what matters most.


from Help Net Security https://ift.tt/2DxDvQ7

Sonatype today released its fourth annual State of the Software Supply Chain Report, which reveals the widespread use of vulnerable software components by businesses around the world.


While open source continues to be a key driver of innovation – with software developers downloading more than 300 billion open source components in the past 12 months – hackers are exploiting this growing trend, and even beginning to inject vulnerabilities directly into open source projects. The findings show that use of vulnerable components has increased by 120%, leaving organisations that lack proper governance wide open to attacks.

However, against this backdrop, the report reveals the critical role automation plays in mitigating risk and supporting innovation, with automated software supply chains 2X more efficient and 2X more secure than manual parsing.

Other key analysis includes examination of critical issues in the open source software environment and ecosystem, with 62% of businesses admitting to not having proper knowledge about the OSS components in their applications. Currently over 1.3 million vulnerabilities in OSS components do not have a corresponding CVE advisory in the public NVD database.

“As open source accelerates to its zenith of value, the underlying fundamentals of the ecosystem and the infrastructure supporting it, are increasingly at risk,” says Wayne Jackson, CEO of Sonatype. “A series of high profile and devastating cyber attacks last year demonstrated the intent and ability to exploit security vulnerabilities in software supply chains. This year’s report proves, however, that secure software development isn’t out of reach. The application economy can grow and prosper in regulated, secure environments, if managed properly.”

The comprehensive report incorporates a combination of public and proprietary data to examine patterns and practices underpinning open source software development and modern software supply chains. Additional findings include:

Supply, and demand for, open source shows no sign of slowing down:

  • More than 15,000 new or updated open source releases are made available to developers every day
  • The average enterprise downloaded 170,000 Java components in 2017, up 36% year over year.

Managed software supply chains are 2X more efficient and 2X more secure:

  • Automated OSS security practices reduce the presence of vulnerabilities by 50%
  • DevOps teams are 90% more likely to comply with open source governance when security policies are automated.

Hackers are beginning to assault software supply chains:

  • Over the last 18 months, a series of no less than 11 events triangulate a serious escalation of attacks on the software supply chain
  • These assaults, which include hackers injecting vulnerabilities directly into open source projects, represent a new front in the battle to secure software applications.

The window to respond to vulnerabilities is shrinking rapidly:

  • Over the past decade, the mean time to exploit open source defects in the wild has compressed 400%, going from an average of 45 days to just 3.

Governments are stepping in, as enterprises struggle to self-regulate:

  • 19 different governmental organisations around the world have called for improved OSS security and governance.


“We are seeing more breaches in open source software because of the gravitational force that pulls features, complexity, and technical debt towards a software system over time, which makes it very difficult to patch in a timely fashion. Unfortunately, that hasn’t changed the consumption rate of open source software by developers. This is consistent with what I believe is a growing concern… that developers may have surrendered to the idea that all software is vulnerable and has known vulnerabilities. We must give developers better supply chain options where quality and security are intrinsically designed-in,” said Kevin E. Greene, Principal Software Assurance Engineer, The MITRE Corporation.


from Help Net Security https://ift.tt/2NKBQLu