OCTOBER 14TH, 2019
A New Cybersecurity Insiders Survey on NTA Use in SOCs Delivers Answers
The Cybersecurity Research division at Cybersecurity Insiders has recently completed a survey to determine NTA awareness, knowledge and usage by professionals working in enterprise cybersecurity and at Security Operations Centers (SOCs) operated by Managed Security Service Providers.
Though NTA – and especially DPI sensor-based NTA – is a relatively new strategy for cyber threat detection (see our blog post on Gartner’s first-ever NTA Market Guide), the surveys finds that a majority of organizations (87%) are either already using or plan to deploy NTA, and a similar majority (76%) are using or plan to use deep packet intelligence (DPI) to strengthen cybersecurity.
NTA Adoption Rate
While not all respondents may be aware of the integral role DPI sensors play in NTA solutions, those that are familiar with DPI technology (64%) consider the network traffic information gathered by DPI sensors to be of “crucial importance” (63%) – and of far higher value than data from other sources such as endpoints, IDS alerts and logs.
Importance of Network Traffic Data from DPI Sensors
More than half of respondents also cite effectiveness against advanced persistent threats (APTs) as NTA’s highest-impact role in mitigating cyber threats. And an overwhelming 94% of respondents characterize a key DPI sensor capability – visibility into encrypted traffic – as a moderately to very urgent cybersecurity need. Additional responses shed light on how cybersecurity professionals are using DPI-powered NTA to address perennial visibility, efficiency and agility challenges.
Urgency of Greater Insight Into Encrypted Traffic
To learn more, download the complete survey results. You can also view the recording of the recent webinar which presents the survey findings, and explores issues related to the use of NTA in SOCs. The discussion is led by cybersecurity experts Kurt Neumann, Security Architect, Cisco Threat Analytics; Sebastien Synold, Product Manager, Qosmos Probe, Enea; and Holger Schulze, CEO and Founder, Cybersecurity Insiders (CI).