According to a survey conducted by Rapid7, 62% of organizations get too many alerts. The majority of respondents, or 54%, said their teams were only able to investigate 10 or fewer alerts per day, partly due to how long these investigations take. The password protection policy of a large financial services institution with more than 5,000 employees.
Meanwhile, 90% of respondents said that they are worried about attacks using compromised credentials, while 60% said that they cannot detect these kinds of attacks.
One solution is to use user behavior analytics to spot credentials that are being used in unusual ways, a possible sign that they have been compromised.
Of the 40% of respondents who said they can detect attacks that use compromised credentials, 27% said that they have user behavior analytics in place. Only 21% of respondents said that they are monitoring the use of cloud services with their SIEM, and only 33% said that they have security visibility into cloud services.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now