London, 15 December, 2016 – Balabit, a leading provider of Contextual Security Intelligence (CSI) technologies, today announced the findings from its CSI Report survey of more than 100 IT and security professionals about security incident investigations.1 According to the study, 75% of organizations set fixed time limits for investigating potential security incidents. However, 44% of respondents reported missing internal or external deadlines for investigating or reporting a breach in the last year, and 7% said a missed deadline had resulted in serious consequences.  

Péter Gyöngyösi, Product Manager of Blindspotter at Balabit comments: “The Balabit survey identified that the primary reason for not being able to investigate data breaches in time is that organizations still do not understand their own data. It is difficult for them to extract the necessary information from unstructured data with their existing tools and they lack the contextual information that would help transform this data into valuable, actionable information.” 


Reporting obligations will change with new data protection regulations

The Balabit survey also shows that today 30%, of organizations do not need to report security incidents to external authorities. Though 70% of organizations are required to report incidents, only one quarter of respondents set time limits for reporting. These survey results come as organizations are under increasing pressure to prepare for new or updated compliance regulations that require data breaches to be reported within 72 hours. The EU General Data Protection Regulation, due to come into force in May 2018 (and related to that, the EU-U.S. Privacy Shield), can lead to fines up to 2% of organizations global turnover. Likewise, a new regulation proposed by the New York Department of Financial Services, Part 500 of Title 23, also requires financial institutions to report data breaches within 72 hours, with severe penalties resulting from a failure to do so.   


Additional Key Findings:

Top pain points in forensics investigations
Balabit also asked survey participants to rank aspects of their current breach investigation processes in terms of importance and satisfaction. The following ranking (in order of dissatisfaction) shows which aspects they are the least satisfied with:

  1. “Turning data into understandable information” 
  2. “Seeing how users compare to their peers”
  3. “A single dashboard view of all data sources”
  4. “Seeing differences between actual user actions and normal baseline”
  5. “Fast access to data”
  6. “The ability to perform ad-hoc searches, drilling down to specific events” 
  7. "Easy access to all relevant information” 


For more information, please visit the Balabit CSI Report Infographics.



About Balabit’s CSI Report about security investigations

Balabit asked 108 IT and security professionals including CIOs, CISOs and auditors from Computer Security-, Financial-, Telecommunications, Governmental-, Healthcare- and other sectors at RSA Conference 2016 USA in San Francisco, about the  current status of their security investigation processes. The survey aimed to map which aspects they consider the crucial part of their investigation processes, and whether or not they are satisfied with those aspects. The effectiveness of security tools in forensics investigations was also examined, as well as organizations’ ability to detect, respond, investigate and report data breaches in a timely manner.


About Balabit

Balabit - founded in Budapest, Hungary - is a leading provider of contextual security technologies with the mission of preventing data breaches without constraining business. Balabit operates globally with offices across the United States and Europe, together with network of reseller partners. Balabit’s Contextual Security Intelligence™ platform protects organizations in real time from threats posed by the misuse of high risk and privileged accounts. Solutions include reliable system and application Log Management with context enriched data ingestion, Privileged User Monitoring and User Behavior Analytics. Together they can identify unusual user activities and provide deep visibility into potential threats. Working in conjunction with existing control-based strategies, Balabit enables a flexible and people-centric approach to improve security without adding additional barriers to business practices. 

Founded in 2000 Balabit has a proven track record, with 23 Fortune 100 customers and more than 1,000,000 corporate users worldwide.

For more information, please visit www.balabit.com