Sixty-one percent of 621 information technology professionals who responded to a SAS-sponsored survey said they believe security analytics is critical to cyber defense programs.
SAS said the Ponemon Institute surveyed IT and IT security personnel who are involved with their organizations’ security analytics during the month of December 2016 for the company’s “When Seconds Count: How Security Analytics Improves Cybersecurity Defenses” report.
Seventy-one percent of respondents said they expect the use of security analytics to increase over the next year.
The study also found that 56 percent of IT professionals surveyed describe their initial deployment of security analytics as “difficult” or “very difficult” and 65 percent of these individuals cited configuration and required tuning as implementation obstacles.
“Nearly all solutions require initial configuration and tuning for optimal performance,” said Stu Bradley, vice president of SAS’ cybersecurity solutions business.
“Organizations can avoid many pitfalls by clearly defining workflows and project goals before starting an implementation,” Bradley added.
SAS noted that data issues were also identified as deployment challenges in the study, with 51 percent of respondents citing “too much data” and 45 percent noting problems related to data access.
Sixty-five percent of surveyed individuals face data quality, integration or volume management challenges.
Respondents also identified the most important problems security analytics platforms must detect with data exfiltration at 50 percent; adversary reconnaissance at 40 percent; and adversary lateral movement and insider threats at 36 percent each.
Half of the respondents named account compromise as the top threat that their security analytics can detect while 48 percent reported privilege escalation and 46 percent cited malware deployment or delivery.