Dark Reading’s 2021 Incident Response Survey reveals an upswing in SOC capabilities with promising results.

Dark Reading Staff, Dark Reading

August 13, 2021

2 Min Read

Enterprise organizations are ramping up on incident response (IR) and security operations center (SOC) capabilities amid heightened concerns over data breaches, third-party risk, and loss of intellectual property. As a result, nearly half (48%) of organizations have the ability to detect a potential compromise as soon as one occurs or within minutes of it happening.

Dark Reading’s 2021 Incident Response Survey polled 215 IT and cybersecurity professionals from over 20 industries on a variety of issues that pertain to organizational ability to detect and respond to security incidents. The results reveal an upswing in SOC capabilities. A substantially higher percentage of organizations report that they have a formal SOC capability and incident response teams of 15 or more staff members.

Likely as a result of these changes, more respondents this year describe their organization as able to detect most security incidents in near-real time, or within minutes. More than half, 56%, say they remediate most security incidents within minutes or hours of occurrence, compared with 52% in last year’s survey.

Other survey highlights include:

  • 21% of organizations, compared with 11% in Dark Reading’s 2020 survey, report having a dedicated IR team of 15 or more people.

  • 38% of organizations currently have an SOC and another 12% plan to build one internally.

  • 58% of survey respondents say that less than 10% of the security incidents they have experienced had a significant negative impact on the organization.

  • 17% of IT and security leaders surveyed — compared with 10% last year — say they are most concerned about credentialed users misusing data.

  • 44% of organizations report being well connected with the IR teams of business partners, or at least exchange data that might indicate a compromise.

The full report, The State of Cybersecurity Incident Response, can be read here.

About the Author(s)

Dark Reading Staff

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

See more from Dark Reading Staff
Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.
Subscribe

You May Also Like

More Insights
Webinars
More Webinars
Events
More Events

Editor's Choice

The letters EDR/XDR amid binary code
Application Security
Evil XDR: Researcher Turns Palo Alto Software Into Perfect MalwareEvil XDR: Researcher Turns Palo Alto Software Into Perfect Malware
byNate Nelson, Contributing Writer
Apr 19, 2024
4 Min Read
A computer screen showing GPT-4
Threat Intelligence
GPT-4 Can Exploit Most Vulns Just by Reading Threat AdvisoriesGPT-4 Can Exploit Most Vulns Just by Reading Threat Advisories
byNate Nelson, Contributing Writer
Apr 18, 2024
4 Min Read
An ICS control panel
ICS/OT Security
ICS Network Controllers Open to Remote Exploit, No Patches AvailableICS Network Controllers Open to Remote Exploit, No Patches Available
byDark Reading Staff
Apr 18, 2024
2 Min Read
Reports
More Reports
White Papers
More Whitepapers
Events
More Events