Findings from a summer 2021 survey
Organizations face a relentless barrage of cyberattacks amid a cybersecurity landscape that’s as complex and challenging as ever.
Many are still in a state of chaos and transition — weaknesses exposed by COVID19-forced infrastructure changes remain unresolved. In defending their organizations against ransomware and other cyberattacks, IT security professionals face a variety of challenges encompassing people and technology.
This research report highlights the extent to which organizations struggle to establish effective cybersecurity defenses, even as they invest significant time, money and other resources in their attempts.
The next phase of maturation is to bring these efforts together under a security operations approach that can guide and advance key organizational objectives.
“The best way for organizations to break out of chaos and uncertainty caused by the relentless barrage is for them to recognize that their problem isn’t a lack of technology, but lack of operational expertise,” said Ian McShane, Field CTO at Arctic Wolf, which sponsored the survey.
CyberRisk Alliance conducted the survey in July and August 2021 among 314 IT and cybersecurity decision makers (65%) and influencers (35%). Respondents included C-level executives, vice presidents, directors and managers in North America (32%) and Europe (68%), specifically in the United Kingdom and DACH, Nordic and Benelux regions.
“Organizations that stop trying to buy better security with new products and apply focus on adopting and implementing a security operations framework, are more secure, more resilient, and better able to adapt to the ever-changing threat landscape,” McShane added.
Even as organizations take all the right steps to strengthen their cybersecurity defenses — training employees, investing in technology and engaging third-party experts — they are still not achieving the desired outcomes.
Key findings from the study:
- Organizations continue to face a relentless barrage of cyberattacks. On average, respondents reported that their IT and security teams had investigated an average of nearly 1,400 incidents over the past year, which is about three incidents per day. Nearly half of the respondents (48%) said their organization investigated one or two incidents daily during this timeframe.
- Unsurprisingly, while lack of qualified staff, complicated solutions, ineffective training and regulatory compliance are all genuine challenges for the majority of organizations, carelessness or limited knowledge on the part of employees topped the list, cited by 57% of respondents.
- When asked to identify components of an effective cybersecurity strategy, technology, and innovation, building organization security culture through employee/IT staff training, and staffing/retaining qualified IT staff were ranked in the top two by well over one-third of all respondents.
- In the past year, the overwhelming majority organizations have steadily increased their spending on cybersecurity solutions – 80% have maintained or increased their cybersecurity budgets in 2021 or have indicated they are likely to do so. Many made it clear that future cybersecurity investments are driven by their need to keep pace with new risks and threats (47%) and the push to expand their cybersecurity capabilities (46%).
- Despite their enthusiasm for new technology and innovation, organizations experience persistent challenges related to cybersecurity technology, ranging from product proliferation to difficulty in capturing meaningful security alerts. Many respondents have encountered challenges with cybersecurity technologies that are complicated (53%), and 51% said the number of security products is excessive or confusing. Missing alerts/notifications was a concern for nearly half (49%) of all respondents while alert fatigue concerned 43%.
- As organizations continue to rely on IT and security teams that are understaffed, under-resourced from a skills perspective and, in many cases, burned out, many (60%) have adopted a hybrid approach in managing their cybersecurity, handling some aspects of security internally while engaging an external partner to manage other areas.
The cumulative effect of organizations’ challenges has been to undermine organizations’ confidence in their ability to effectively defend against a cyberattack. This research reveals that simply increasing employee training and investing in technology solutions are not, by themselves, enough. Moreover, organizations cannot address challenges related to people and technology separately. These are mutually dependent areas that must be tackled through a security operations approach.