Skip to main content

Compromised credentials a key concern for IT pros

There are two biggest security concerns for security professionals all around the world – compromised credentials and too many notifications to handle.

That is a new Rapid7 survey in a nutshell.

The survey, entitled 2015 Incident Detection and Response survey, examined the biggest security concerns and initiatives for IT experts in 2016.

Nine in ten of these professionals are worried about compromised credentials, the survey said.

In a press release following the survey, the statement is backed by the Verizon 2015 Data Breach and Investigations Report, which says that compromised credential shave been the leading attack vector for the last five years.

“Intruders generally remain undetected for an average of 197 days within retail organizations and 98 days within financial services organizations once they’ve breached a network,” it says.

“Security professionals are struggling to detect and investigate incidents because the monitoring solutions available do not provide visibility into today’s modern IT environments and cannot give users the insight they need to make decisions quickly,” said Lee Weiner, senior vice president of products and engineering at Rapid7. “This lack of understanding – or context – is causing massive alert fatigue and leaving companies unable to effectively detect the most used attack method today: compromised credentials.”

Such an environment forces IT security teams to use SIEM (Security Information and Event Management) to help them with detecting and responding to incidents, but that creates a new problem – 62 per cent of organisations say they’re getting more alerts than they can handle.