Your ProgressSee How Your Security Response Profile Stacks Up Against the Best The attention and investment in Cyber Security and Risk Management is greater than it's ever been. Security response groups are in the eye of the storm, responsible for not only identifying and managing risk to your business, but improving defenses against future events. There are multiple approaches for building a security response team and organizations vary widely on how they tackle it, including how the team operates, how much they spend and the results they deliver. In this groundbreaking study based on real-world data and profiles, we've highlighted four different organizational profiles and how they approach cyber security risk and response. More importantly, we've looked at how organizations are evolving to better address risk. Adjusting to a proactive approach is the end game. Hunting for threats and blending the science of security with the art of understanding the human attacker is the next wave of progression for security organizations. Fill out the form below to get startedFirst Name*Last Name*Company*Email* Country*Select CountryAfghanistanAlbaniaAlgeriaAmerican SamoaAndorraAngolaAntigua and BarbudaArgentinaArmeniaAustraliaAustriaAzerbaijanBahamasBahrainBangladeshBarbadosBelarusBelgiumBelizeBeninBermudaBhutanBoliviaBosnia and HerzegovinaBotswanaBrazilBruneiBulgariaBurkina FasoBurundiCambodiaCameroonCanadaCape VerdeCayman IslandsCentral African RepublicChadChileChinaColombiaComorosCongo, Democratic Republic of theCongo, Republic of theCosta RicaCôte d'IvoireCroatiaCubaCyprusCzech RepublicDenmarkDjiboutiDominicaDominican RepublicEast TimorEcuadorEgyptEl SalvadorEquatorial GuineaEritreaEstoniaEthiopiaFijiFinlandFranceFrench PolynesiaGabonGambiaGeorgiaGermanyGhanaGreeceGreenlandGrenadaGuamGuatemalaGuineaGuinea-BissauGuyanaHaitiHondurasHong KongHungaryIcelandIndiaIndonesiaIranIraqIrelandIsraelItalyJamaicaJapanJordanKazakhstanKenyaKiribatiNorth KoreaSouth KoreaKosovoKuwaitKyrgyzstanLaosLatviaLebanonLesothoLiberiaLibyaLiechtensteinLithuaniaLuxembourgMacedoniaMadagascarMalawiMalaysiaMaldivesMaliMaltaMarshall IslandsMauritaniaMauritiusMexicoMicronesiaMoldovaMonacoMongoliaMontenegroMoroccoMozambiqueMyanmarNamibiaNauruNepalNetherlandsNew ZealandNicaraguaNigerNigeriaNorwayNorthern Mariana IslandsOmanPakistanPalauPalestinePanamaPapua New GuineaParaguayPeruPhilippinesPolandPortugalPuerto RicoQatarRomaniaRussiaRwandaSaint Kitts and NevisSaint LuciaSaint Vincent and the GrenadinesSamoaSan MarinoSao Tome and PrincipeSaudi ArabiaSenegalSerbia and MontenegroSeychellesSierra LeoneSingaporeSlovakiaSloveniaSolomon IslandsSomaliaSouth AfricaSpainSri LankaSudanSudan, SouthSurinameSwazilandSwedenSwitzerlandSyriaTaiwanTajikistanTanzaniaThailandTogoTongaTrinidad and TobagoTunisiaTurkeyTurkmenistanTuvaluUgandaUkraineUnited Arab EmiratesUnited KingdomUnited StatesUruguayUzbekistanVanuatuVatican CityVenezuelaVietnamVirgin Islands, BritishVirgin Islands, U.S.YemenZambiaZimbabweState*AlabamaAlaskaArizonaArkansasCaliforniaColoradoConnecticutDelawareDistrict of ColumbiaFloridaGeorgiaHawaiiIdahoIllinoisIndianaIowaKansasKentuckyLouisianaMaineMarylandMassachusettsMichiganMinnesotaMississippiMissouriMontanaNebraskaNevadaNew HampshireNew JerseyNew MexicoNew YorkNorth CarolinaNorth DakotaOhioOklahomaOregonPennsylvaniaRhode IslandSouth CarolinaSouth DakotaTennesseeTexasUtahVermontVirginiaWashingtonWest VirginiaWisconsinWyomingArmed Forces AmericasArmed Forces EuropeArmed Forces PacificProvince*AlbertaBritish ColumbiaManitobaNew BrunswickNewfoundland & LabradorNorthwest TerritoriesNova ScotiaNunavutOntarioPrince Edward IslandQuebecSaskatchewanYukonJob Title*Select Industry*Select industry...Banking/Financial ServicesCloud/Hosting ProviderComputer Hardware/SoftwareConsulting/Professional ServicesConsumer Products/Packaged GoodsDistributor/VADEntertainment/Online GamingFederal/National GovernmentHealthcare/HospitalsHigher EducationHospitality/LeisureInsuranceInternet Service ProviderLogistics/TransportationManaged Security Service ProviderManufacturingMedia/PublishingMobile ProviderNon-Profit/NGOPharmaceutical/Medical DevicesReseller/VARRetail/Online ServicesState/Regional GovernmentUtilitiesOther Your Progress Question 1 Threat DetectionWhich best characterizes your approach to detecting threats in your network?*We use IPS, AV and/or sandboxes to detect threats.We use a full spectrum of security solutions to detect threats and rely on our SIEM and SOC to alert us to what they are seeing.We have a full spectrum of security solutions, a SIEM and SOC, and have added a proactive team to go out and explore hunches on where we might be attacked.We are able to look beyond the known threats within our network, to prepare for the what-if scenarios using a combination of intelligence researchers, analytics and scenario visual maps. Your ProgressQuestion 2 Incident ResponseWhich most accurately reflects your Incident Response policy?*We don’t have an Incident Response team.Our focus is on breach response and our legal and compliance requirements. We have a policy and a set of designated cross-functional members across Security, Investigation, Legal and Corp Comms. teams.We have a dedicated set of individuals, processes and metrics (and supporting tools) to measure our effectiveness around closing incidents in a timely and effective manner.We have begun an integrated Intelligence and CERT function, using a proactive analyst team to hunt for potential threats, and a CERT that moves to quickly contain incidents that are detected. Your ProgressQuestion 3 MetricsWhat metrics does your team use to measure organizational success in detecting and responding to threats and incidents?*The severity and number of threats blocked by our perimeter security or endpoints.The length of time to resolve an escalated security event.The length of time to contain an incident once discovered.The length of time a threat has been within the network until it was discovered. Your ProgressQuestion 4 Cyber IncidentHow many staff are focused on Cyber Security, Threat Intelligence and Cyber Response?*We have no single dedicated resource, we pull from our Security Operations and Infrastructure teams.We have < 3 people dedicated on IR or Intelligence.We have a dedicated IR and Intelligence team ≤ 5.We have a dedicated IR and Intelligence team ≥ 10. Your ProgressQuestion 5 PhilosophyWhen looking at your organization's posture and priority on Incident Response, what best describes the philosophy or maxim:*We are focused on the known problems such as a lost laptop or an employee leaving to a competitor.Becoming as effective as possible at triaging and analyzing security events throughout the business.Finding the unknown attacks.Visualizing what happens next.CommentsThis field is for validation purposes and should be left unchanged.