Respondents say automation would be a valuable addition at a time they’re struggling with surge of incidents, talent shortages.
WATERLOO, Ontario–(BUSINESS WIRE)–
Magnet Forensics (TSX: MAGT), a developer of digital investigation solutions for more than 4,000 enterprises and public safety organizations in over 100 countries, today announced the release of its 2023 State of Enterprise DFIR survey. The survey revealed that the rapid evolution of cybercrime is weighing on security teams substantially more than it did last year, leading to widespread burnout and potential regulatory risk.
“Digital forensics and incident response teams have proven to be indispensable to combat cybercriminals but the complexity and volume of attacks and the dearth of talent available to address them is leading to unprecedented burnout,” said Adam Belsher, chief executive officer of Magnet Forensics. “Strategic organizations are turning to Magnet AXIOM Cyber to find the root cause and other critical evidence required to investigate incidents and mitigate risks. Magnet AUTOMATE Enterprise, meanwhile, is helping them address the growing volumes of incidents by automatically launching investigations and keeping them running 24/7/365.”
The annual Magnet Forensics survey polled 492 digital forensics and incident response (DFIR) decision makers and practitioners who are predominately located in North America, Europe, the Middle East and Africa. Its respondents described the current cybercrime landscape as one that is evolving beyond ransomware and taking a toll on their ability to investigate.
- More than 40 per cent of respondents described the evolution of cyberattack techniques as a “large” or “extreme” problem impacting their investigations. This represents a 50 per cent increase from the 2022 State of Enterprise DFIR report.
- Business email compromise is on the rise and is now occurring more frequently than ransomware, the most common security threat in last year’s report. The highest number of respondents — 14 per cent — said they encounter it “very frequently.”
- Business email compromise attacks are the most likely to require third-party resources to assist with the investigation, according to 50 per cent of respondents.
- It’s taking security teams too long to get to the root cause of these evolving attacks. More than 43 per cent said it takes them between one week and more than a month. About 1 in 3 respondents said that identifying the root cause requires either a “complete overhaul” or “major improvements.”
With cybercriminals intensifying their efforts, DFIR teams now find themselves investigating waves of incidents that are growing in volume and complexity. According to 45 per cent of respondents, the surge in investigations and the data associated to them is either a “large” or “extreme” problem for their organizations. Unable to handle this data alone, nearly two-thirds look to third parties for help. A global talent shortage, one that’s left more than 755,000 unfilled cyber jobs in the U.S. alone, isn’t helping matters, according to the respondents. Nearly 1 in 3 say that recruiting and hiring new DFIR professionals is a challenge. Each of these factors is contributing to their burnout and leading them to seek out alternate solutions like automation.
- More than half (54 per cent) of the respondents said they were feeling burned out in their jobs.
- Alert and investigation fatigue is likely playing a role in burnout as 64 per cent of respondents said it is a “real issue.”
- Today’s investigative workflows are being slowed down by a reliance on repetitive tasks and tools that aren’t interoperable. The same percentage of respondents — 37 per cent — described both as either a “large” or “extreme” problem.
- Their workload may be contributing to exposing their organizations to regulatory risk. Nearly half (46 per cent) said they just don’t have the time to understand new cybersecurity regulations.
- The respondents see automation as the solution. More than 50 per cent said automation would be “extremely valuable” or “highly valuable” for several DFIR tasks, including the remote acquisition of target endpoints and the processing of digital evidence.
Magnet Forensics conducted a web survey of 492 digital forensics and incident response decision makers and practitioners between Oct. 4 and Nov. 1, 2022. The respondents range from analysts to executives and represent organizations in industries such as technology, manufacturing, government, telecommunications and healthcare. The survey targeted professionals in North America and Europe, the Middle East and Africa, which account for 94 per cent of the respondents.
About Magnet Forensics
Founded in 2010, Magnet Forensics is a developer of digital investigation software that acquires, analyzes, reports on, and manages evidence from digital sources, including computers, mobile devices, IoT devices and cloud services. Magnet Forensics’ software is used by more than 4,000 public and private sector customers in over 100 countries and helps investigators fight crime, protect assets and guard national security.
Source: Magnet Forensics