Key Findings – SANS “Breach Avoidance: It Can Be Done, It Needs to Be Done” Report

Key Findings - SANS "Breach Avoidance: It Can Be Done, It Needs to Be Done" Report

The SANS Institute, one of the premier cybersecurity research firms, recently released a whitepaper entitled “Breach Avoidance: It Can Be Done, It Needs to Be Done.” The report was sponsored by Balbix and written by John Pescatore. Its thesis stands as one of the most optimistic in all of cybersecurity: most data breaches are avoidable.

The key findings from this SANS data breach whitepaper include:

  • In the first 203 days of 2018, 668 data breaches were publicly disclosed in the U.S.A. Obviously, this number does not reflect the breaches not reported to the public.
  • At the current rate of breaches (3 per day), 1,200 breaches in all will occur this year.
  • Of the 18,000 enterprises in the U.S.A. with at least 500 employees, 17,000 companies will have avoided a major data breach this year.
  • The number of breaches in 2018 is on pace to match 2017.
  • The number of records exposed in 2018 is poised to be 66% less than 2017.

How are enterprises avoiding data breaches? According to SANS, part of the key is proactive cybersecurity protocols. Threat hunting, threat intelligence, and threat detection as embodied in SIEM and security analytics solutions can be key capabilities in becoming proactive. However, SANS also points out good proactive activity and attention as necessary as finding a good solution.

Adding layers to your cybersecurity policy can only create confusion and disruption. It’s more important to form a strong digital security team and find a good solution to enhance their efforts.

You can download the full SANS “Breach Avoidance: It Can Be Done, It Needs to Be Done” whitepaper here.   

Other Resources: 

The 10 Coolest SIEM and Security Analytics CEO Leaders

5 Tips for Setting Up a Security Operations Center (SOC)

Get Your Employees to Embrace SIEM Best Practices!

4 Tips to Make Data Breach Detection Easier For Your Enterprise

Enterprises: Don’t Become Complacent in Your Cybersecurity!

How to Make Your SIEM Solution Deployment Easier for Your Enterprise

Comparing the Top SIEM Vendors — Solutions Review

How UEBA Can Prevent Insider Threats in your Enterprise

SIEM vs Security Analytics: What’s the Difference?

Should Risk Analytics Bridge the Cybersecurity Talent Gap?

What’s Changed? The Gartner 2017 Security Information and Event Management (SIEM) Magic Quadrant

The 25 Best Security Analytics and SIEM Platforms for 2018

Ben Canner

Leave a Reply

Your email address will not be published. Required fields are marked *