Incident responders are acting more quickly to combat attacks, including those similar to the recent WannaCry ransomware attack, according to results of the fifth annual incident response survey to be released by SANS Institute in webcasts June 13 and June 14.
According to this new report, response teams are growing in size and are including more dedicated staff, with 84% of respondents reporting at least one dedicated staff member. They are also detecting incidents more quickly. Half of the respondents reported a dwell time of under 24 hours, and 53% were able to contain the incident in that same time frame.
"Incident responders faced unprecedented challenges, including increasingly sophisticated and more frequent attacks, in 2016," says Matt Bromiley, SANS Analyst and author of the associated SANS paper "It is encouraging to see that they are able to detect and contain the incidents so quickly, a testament to the commitment they and their employers have made to secure their environments."
Respondents attributed 68% of the incidents they investigated to malware attacks. Teams also are relying more on in-house detection and remediation, with the use of threat intelligence and endpoint detection tools. The webcast and associated paper will detail how other tools have been used and the role of the budget in incident response, as well as how IR can be improved.
Subscribe to our newsletter for all the latest updates and special offers.
Click Here To view archive additions