Products & Releases

Report: Most Companies Unprepared For Quick Response To Attack

Most companies do not have the capability to determine the full scope of security incidents
SALT LAKE CITY, UT — Oct. 1, 2009 " Solera Networks, the leading provider of network forensics products and services, and Trusted Strategies, a research and advisory firm focused exclusively on information security, have released the results of a survey on network forensics. The survey found that an overwhelming number of companies have recently experienced or expect to experience a significant network security breach within the next 36 months.

While many survey respondents believe incident response is necessary; most do not have the capabilities to determine the full scope of an incident when it occurs. This is daunting, given that 75 percent of the respondents believe that an attack will have a significant impact on their company brand and reputation.

According to Jim Finley, former Deputy under Secretary of Defense for acquisition and technology and respondent to the survey, "Most enterprise security budgets are allocated almost entirely for prevention. Very little is set aside for response, so when an incident does happen most companies tend not to be as prepared as they ought to be."

Over 200 individuals participated in the survey. All belonged to organizations with at least 1,000 network nodes and either managed or were directly involved in the maintenance of their organization's computer networks. Highlights of the findings include:

  • More than 85 percent of respondents have either had a major network incident in the past 36 months or expect to have a major incident in the coming 36 months

  • Over 75 percent of the survey participants agreed that a major security incident has a significant impact on the company's brand and reputation

  • Nearly half of the respondents say that when an attack occurs, it can take two to 10 or more days to determine the full scope of the incident

  • Ninety-two (92) percent of respondents believe that it is important to have network forensics capabilities that can capture and record all network traffic; yet only 28 percent were very familiar with network forensic solutions

  • While 76 percent feel that they need to do more and their organization would benefit from more incident response tools, about half of the respondents spend less than 25 percent of their overall security budget on incident response and a fourth don't have an effective incident response plan in place

    "In 2008, more than 285 million records were compromised," said Steve Shillingford, CEO of Solera Networks. "That number is staggering, and it's only from 90 confirmed breaches. TMobile, Pepsi, Merrill Lynch and American Express are just a few companies that have been under attack and have experienced an impact to brand reputation and trust. It demonstrates that despite the many prevention tools that are in place, a breach is inevitable. Companies that want to quickly respond and remediate must have a comprehensive network forensics solution in place for incident response."

    Ray Owen, Defense/intelligence cybersecurity executive and advisor, said, "Management needs to understand that mounting an effective response to an attack requires real-time knowledge of what is happening across their networks. The industry needs the tools to help us do that quickly."

    To view the full report of the survey findings and to download graphical images, please visit (Link to be provided)

    About Solera Networks Solera Networks develops high-speed packet capture, retrieval, and reconstruction software for network forensics applications. Our systems capture every packet at line rates up to 10Gbps on physical and virtual networks. The Solera Networks architecture provides open platform interoperability, extensible storage, and portability for any network, giving security professionals comprehensive network visibility. For more information on Solera Networks, visit

    About Trusted Strategies Trusted Strategies is the premier advisory, consulting, and market intelligence firm focused exclusively on assisting vendors of IT security products and services.


    Peter Schlampp

  • Editors' Choice
    Kelly Jackson Higgins 2, Editor-in-Chief, Dark Reading