Threat Management, Security Staff Acquisition & Development

Inadequate resources hinder security teams

Security teams are being hindered from adopting desired risk analysis and threat modeling procedures by inadequate resources, SecurityWeek reports. Ninety-nine percent of IT professionals and executives from medium to large firms reported wanting security posture improvements and 67% said they wanted to perform tool upgrades, which were being hampered by lacking expertise, integration concerns and excessive tools, a survey by Dimensional Research for Netenrich revealed. The report also showed that risk management, incident analysis and threat modeling were cited as respondents' key priorities but less than 40% reported practicing threat modeling and only 30% said they managed external attack surfaces. Moreover, 47% have sought managed service providers but only 17% of MSPs were able to perform threat modeling as the organizations desired. "Developing a rich, continuous threat modeling practice marks a powerful juncture in pivoting from event- or alert- to risk-driven cybersecurity. When those surveyed were asked to elaborate on the value of threat modeling, respondents expressed a clear desire to become more proactive and to determine the likelihood and cost of an attack succeeding," said Netenrich Principal Threat Hunter John Bambenek.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.