TABLE OF CONTENTS
INTRODUCTION
KEY SURVEY FINDINGS
OVERVIEW
Confdence in security posture
Cyber threats of concern
Top security challenges
Organizational barriers
Security business impact
Cyber attack outlook
Capacity to detect threats
Sources of monitoring data
THREAT MANAGEMENT
Threat management response
Threat management priorities
Ransomware
Threat management platforms
Aspects of threat management
Threat management capabilities
Cyber attack recovery
Threat management budget
THREAT INTELLIGENCE
Threat intelligence measures
Users of threat intelligence
Threat intelligence impact
Prioritization of security events
INSIDER THREAT
Insider threat confdence
Nature of insider threats
Growth of insider threats
Combating insider threats
Risky users
Internal vs external attacks
Speed of recovery
METHODOLOGY & DEMOGRAPHICS
SPONSORS OVERVIEW
CONTACT US468101214161820
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
38
45
THREAT MONITORING
DETECTION & RESPONSE
2017 REPORT
We believe that the insights from this report will
provide valuable guidance on effectively identifying
and addressing a range of cyber threats.
We would like to thank our study sponsors for
supporting this research on a critical topic within
the information security community:AlienVault|
Bitglass|BluVector|ControlScan|Delta Risk|
DomainTools|Dtex|EventTracker|Exabeam|
ObserveIT|SoftActivity|Tenable
In addition, we want to thank all survey participants
who provided their time and input in completing
the study.
We hope you will enjoy reading this report and gain
insight from its major fndings.
Thank you,
Holger Schulze
INTRODUCTION
Information security teams worldwide
are increasingly concerned about the
rapid growth of cyber threats. To address
this concern and provide peer insights,
Crowd Research Partners, in partnership
with the 370,000+ member Information
Security Community on LinkedIn, has
conducted an in-depth study on several
important threat lifecycle topics.
This study is a summary of responses
from over 400 cybersecurity professionals
to provide a comprehensive snapshot on
the evolving threat landscape, insider and
external threats, preventative measures,
threat monitoring and data collection,
threat intelligence, threat detection,
threat hunting, threat analytics, incident
response, and incident recovery.Holger Schulze
Founder
Linkedin Information
Security Community
hhschulze@gmail
THREAT MONITORING, DETECTION & RESPONSE REPORT
Group Partner
Information
Security
THREAT MONITORING, DETECTION & RESPONSE REPORT4
KEY FINDINGS
Dealing with advanced threats is the most signifcant concern for cybersecurity professionals:
ransomware (48%), phishing attacks (48%) and attendant data loss (47%). The level of concern with
these threat categories has grown signifcantly over the past 6 months.
Respondents noted signifcant challenges in responding to advanced threats - the most signifcant
being the ability to detect threats (62%). Interestingly, survey participants also noted concerns with
the lack of advanced security staff (41%) and slow speed of response (23%).
As with prior surveys, lack of budget (51%), lack of skilled personnel (49%), and lack of security
awareness (49%) weighed in as the most signifcant obstacles facing security teams.
A large proportion of organizations use threat intelligence platforms – with 57% using one or more
commercial threat intelligence providers followed by 47% using open source platforms.
Insider threats continue to be a growing concern (51% perceived a growth in these threats over
the past year) with inadvertent breaches (61%) identifed as the leading cause. User training was
identifed by 57% of respondents as their leading method for combating such threats.24
5。