2016 SANS Incident Response Survey

Learn about the current state of incident response in this survey report from the SANS Institute.

Read Report

The Changing Landscape of Incident Response Capabilities in 2016

The attacker’s landscape has changed yet again. What was once an era of advanced attackers seeking to gain access into an environment has been transformed by attackers who, for example, quickly access global hotel chains to pilfer millions of credit card numbers.

Incident responders present an unusual challenge to an organization because they can measure success by many metrics. One of these measures is how quickly the organization can detect, isolate, and remediate infections in the environment. The longer an attacker has access to an environment, the more damage can be done.

The 2016 SANS Incident Response Survey found that 29% of respondents report a remediation time of two to seven days. A lack of skilled personnel is aggravating the problem, as 65% of respondents reported the lack of personnel was impeding their ability to respond to incidents.

The 2016 SANS Incident Response Survey discusses the following key topics:

  • The state of the current threat landscape.
  • The underlying cause of security breaches.
  • What types of data are exfiltrated.
  • The maturity of incident response programs.
  • The tools and processes used for effective incident response.
Read SANS Survey Watch Webcast

Related Offerings

McAfee Enterprise Security Manager

At the core of our SIEM offering, it delivers the performance, actionable intelligence, and real-time situational awareness required to identify, understand, and respond to stealthy threats, while simplifying compliance with an embedded framework.

McAfee Threat Intelligence Exchange

Optimizes threat detection and response by delivering protection to all points in your enterprise as new threats emerge.

McAfee Advanced Threat Defense

Detects advanced targeted attacks and provides actionable threat information. Unlike traditional sandboxes, McAfee Advanced Threat Defense broadens detection and exposes evasive threats.

Risk & Compliance Services

Fill the gaps in your information security program. Assess current policies, create new programs that meet compliance goals, and cost-effectively prepare for security emergencies.

Incident Response Services

Our teams of security experts guide enterprises on the best ways to maintain a strong security posture. We provide immediate incident response services to address security breaches and help develop incident response programs.

Learn More

Bringing Efficiency and Collaboration to the Security Operations Center (SOC)

This new study of 565 security decision-makers worldwide shows that incident response could be 38% to 100% more effective through SOC to operational collaboration.

Incident Response Solutions

Reduce the risk and impact of data breaches and attacks by factoring real-time context into security controls, analytics, and intelligence in a continuous incident response program.

Securosis Webcast: Drive Smarter Incident Response with SIEM

Gain insight from industry experts on how to use external threat data to detect attacks faster and make more accurate decisions.