Today’s funding, people, and solutions fall short vs. cybercrime
Since 2019 and the pandemic, things have changed. But we all know the more things change, the more they stay the same. We felt it was time to take a pulse reading of CISO, CTOs, and Senior IT security decision-makers that would be slightly different than what your average cybersecurity vendor produces.
Every cyber vendor will publish an annual, semi-annual, or quarterly report basically letting you know two things: the Internet is still a wild west with attacks succeeding what seems like every day and their products are successful for their customers. If that’s the case, then why with double-digit growth in spending on cybersecurity spending are we seeing an alarming increase in the number of successful cyberattacks? Is it because there’s a talent gap in the people you hire and their actual capabilities? Is there a gap in the solutions you chose, and/or is there something wrong with your processes and training? We wanted to get inside the CISO’s beliefs about their security team and tools and try to understand why the cybercriminals keep winning. After analyzing survey results, we saw a theme that despite fair to great funding and a fair amount of trust in solutions and people, it’s not enough. Far too many breaches still happen.
For example, according to our research, even though budget allocations are significant for cybersecurity products and respondents have confidence in their plans, teams, and products, they still regularly suffer data breaches. How many? Around one-third in the past twelve months and about half over a longer period.
The things we really keyed on in our survey were budget vs. breaches, response plans, IT staff and solutions, and decision makers’ perceptions of adequacy at monitoring internal versus external threats. We found it very interesting that nearly 60% of respondents felt their traffic monitoring solutions offered adequate protection against data breaches when most of those products only sample a fraction of the traffic. Additionally, it was interesting that of the one-third who reported a data breach in the last year, two-thirds of those cases involved personal devices.
Although not addressed in detail in this research, insights from the data suggest genuine concern as offices start to reopen and welcome their employees back along with all their new devices as 76% feared devices manufactured abroad likely have some type of malware preinstalled.
We commissioned Amplitude Research, Inc. to conduct a web survey about cybersecurity at organizations in the U.S. In order to qualify for the survey, respondents had to indicate that they were involved in decisions about IT security / Internet security at their organization. Moreover, respondents were required to be a primary / final decision-maker (76% of respondents), co-decision-maker (15%), or influencer of decisions (9%). In the end, the survey was completed by 450 qualified respondents in July of 2021.
Dave Gast (CEH/SEC+/ITIL 4/PMP) is an INTRUSION Sr. Threat Researcher & Info/Cyber Security Subject Matter Expert with a 26 year active duty military career and 10 year government contracting consulting role including extensive cyber intelligence and threat analysis.
Ready to get protected?
INTRUSION Shield is affordable for every business, large or small. We price per seat, per month – with no annual contract and no hardware to buy.