IT pros lack confidence in ability to detect and contain cyber breaches
6 April 2018 | 0
Less than half of all organisations are able to detect a major cybersecurity incident within one hour, according to a report from security firm LogRhythm.
Even more concerning, less than one-third said that even if they detected a major incident, they would be unable to contain it within one hour. It also revealed the majority of organisations are only moderately confident in their ability to protect their companies against hackers.
The annual benchmark survey, conducted by Widmeyer, measures the cybersecurity perceptions and practices of organisations in the United States, United Kingdom and Asia-Pacific regions. It surveyed 751 IT decision makers from the US, UK and Asia/Pacific.
Volume and intensity
“Cyber threats continue to grow in volume and intensity. Seemingly every month, another massive security breach dominates headlines,” said Joanne Wong, senior regional director for Asia Pacific and Japan, LogRhythm. “To combat these threats, organisations need to carefully plan their budgets and strategies, while developing effective programmes that tackle specific threats and keep them one step ahead of cyberattackers.”
Many companies are focused on growing their security maturity, and team size is an important indicator. The survey revealed that, on average, companies employ 12 cybersecurity professionals in their organisation. However, more than half of the respondents said that they employ 10 or fewer professionals on their teams.
Special threat detection programmes are another indicator of security maturity. This study found that more than 70% of respondents have programmes in place to detect specific threats such as ransomware, insider or employee threats and denial of service attacks. More than a quarter deploy at least 10 security software solutions to manage security threats.
When it comes to confidence levels, about half of security decision makers believe that a determined hacker can still breach their organisation. Over one-third reported that their company has experienced a breach in the last year — ranging from 29% in the United States to 39% in the Asia-Pacific region.
When asked about the level of confidence, these decision makers revealed that they are only moderately confidence in their cybersecurity measures and abilities. Similarly, most IT executives are only somewhat confident that their security software can detect all major breaches. Likewise, they are only moderately confident that they can protect their companies from hackers.
There are many factors that enable a security team to quickly detect and respond to an incident, including technology, process, programs and people. When it comes to technology, a strong majority of IT executives said that a platform for security management, analysis and response is beneficial.
When asked to consider how their organisation is operating from a Threat Lifecycle Management (TLM) perspective, IT executives were not overly optimistic. About a third of all respondents reported that they need help at virtually all stages in the TLM framework, especially detecting, investigating, neutralising and recovering from cyberthreats.
Security organisations need adequate funding to effectively fight cybercrime. However, the study found that the percentage of resources allocated to cybersecurity from the overall IT budget is often on the lower side. Overall, one-third of executives allocate 10% or less of their IT budget to security. When asked about their comfort level with security funding, 57% of IT executives indicated they are moderately comfortable with their companies level of security funding; however, nearly a quarter said they are not comfortable.
IDG News Service