What keeps security managers and analysts up at night? According to the bi-annual Voice of SecOps Report–a survey from Deep Instinct–there are a variety of persistent challenges that cybersecurity professionals worry about. The bigger issue, however, is that despite these concerns many organizations cling to legacy security tools that can’t protect against modern threats and remain unprepared to address these issues.
Diving Into the Voice of SecOps Report
Deep Instinct commissioned the survey in cooperation with Hayhurst Consultancy. Hayhurst Consultancy conducted interviews with 1,500 cybersecurity professionals across 11 countries to understand the threats they face and the steps they are taking to combat them. The participants represent a range of business sectors, including financial services, healthcare, manufacturing, critical infrastructure, and more—but focused on organizations with at least 1,000 employees and $500 million in annual revenue.
There are many interesting data points in the report, but one that stands out has to do with time. Time is crucial during a cyber attack. The report explains, “Our research shows that it currently takes SecOps teams the better part of 24 hours to respond to a typical cyber event once it has been detected. Remediation often takes several additional days – and sometimes weeks or months. Given that the fastest ransomware can encrypt in just 15 seconds, there is often substantial dwell time for attackers to move laterally before detection – an “SLA” that is untenable to CISOs and customers.”
Preventing the threat in the first place would be the ideal solution—but only 45% of those surveyed believe it is actually possible to prevent all malware threats. The rest believe that their current security stack lacks comprehensive threat prevention to detect unknown malware threats (44%), or that it is improbably to identify zero-day threats before they execute (43%), or that a lack of staff with the proper training impedes them from implementing more prevention measures (39%), or that the sheer volume of endpoints that need protection is simply too much (29%).
The challenge then, is how to detect threats as quickly as possible and dramatically reduce the time between detection and resolution. When malware is executing in minutes—or seconds—and spreading laterally throughout the network to compromise other vulnerable endpoints, you don’t have 24 hours to take action to stop the threat. Whatever that solution is, though, it will need to be automated because the pace of cyber attacks is too great for any manual process or human intervention to keep up with.
While complete prevention is elusive today, many of the survey participants expressed optimism that is achievable. The report sums up with, “There is confidence in the possibility of complete prevention in the next 2-5 years. If we plan to move ahead of sophisticated attackers who are constantly shifting attacks and creating harder-to-detect malware, we must address how to stop threats earlier, before they land inside our networks.”
“Ransomware and malware attacks aren’t going away anytime soon. That’s why organizations need to better position themselves to combat potential threats with a pre-execution, prevention-first approach,” said Guy Caspi, CEO of Deep Instinct in a press release. “The survey findings shed light on the multiple challenges that security teams face on a daily basis and provides insights into the serious needs that the industry needs to address. This research exposes gaps in organizations’ security posture, including a lack of full coverage on the endpoint, exposure in cloud storage, and malicious file uploads by internal sources into production systems.”
Accelerating Cybersecurity with Deep Learning
Deep Instinct has a cybersecurity solution that takes a unique approach. The problem with most cybersecurity tools is that they’re reactive. Many rely on signatures or indicators of compromise to be able to identify and detect threats—but both of those things require that the threat be discovered and analyzed first. That means they do little to nothing to protect you from zero-day or other unknown emerging threats.
In the cases where traditional security tools do detect malicious activity, most generate an overwhelming number of alerts with very little context and do nothing to actually stop the threat—leaving it to the IT security team to prioritize and respond. To add insult to injury, there is also often a relatively high rate of false positives, which wastes security resources and affects the ability to address real threats.
The Deep Instinct platform is powered by deep learning and takes a prevention-first approach to stopping ransomware and other malware using the world’s first and only purpose-built deep learning cybersecurity framework. Deep Instinct promises malware prevention in under 20 milliseconds, greater than 99% accuracy against zero-day threats, and less than 0.1% false positives.
Those are impressive claims—perhaps even a little unbelievable. However, the company also backs its protection with a $3 million ransomware warranty, so it’s fair to say that Deep Instinct is relatively confident that it can protect your environment against these threats.
Take a look at the full Voice of SecOps Report for more interesting insights. If you are concerned with your ability to effectively detect and respond to cyber attacks, you should also take a look at Deep Instinct and see what a deep learning framework can do for you.