One in three businesses rely on outdated cyber security tools to address next generation threats
A new report released today, commissioned by Cyber adAPT and conducted by Ovum, reveals that nearly a third (31%) of security teams depend solely on outdated tools such as basic search and monitoring for their cyber security needs. The report, Business has a crucial need for continuous threat visibility and cyber security management services, collates insight from more than 6,000 senior business respondents, as well as in-depth interviews with CISOs, and demonstrates that cyber security spending is increasing at a rate of between 9%-12% each year. Despite the rise in investment, the volume of attacks continues to skyrocket, with data breach incidents increasing by 40%. The report states that the amount of data lost has grown to unsustainable levels, with 1.9 billion records lost or stolen during the first half of 2017 – more data loss than 2016 as a whole. This industry is however showing positive signals, with over two-thirds (69%) of security teams switching to a more evolved, analytical approach to defense. These include advanced security information and event management (SIEM), next-generation artificial intelligence (AI), machine learning (ML), and network analytics. Kirsten Bay, President and CEO of Cyber adAPT, comments: “New generation technologies offer an exciting future for the cyber security industry. Many CISOs are struggling to persuade their boards to invest in new solutions, having failed to demonstrate the returns delivered by outdated tools – in fact, almost 60% of respondents thought they received poor value from their existing investments.” For organizations not yet utilizing next generation analytics, over half (57%) of teams said they were not ready as the tools would be too difficult to integrate based on the internal skills and resources they draw upon. Bay continues: “A platform approach, bolstered by AI and machine learning is set to offer real returns for cyber security customers. Technology will no longer rely on human input to detect threats and will prioritize alerts to streamline the CISOs workload, reducing the amount of time a threat is active inside a network.” Half of organizations (50%) highlighted false positives as something they could not afford to waste time dealing with. Managed Security Services Providers (MSSPs) deliver prioritized threat data offering the potential to save time, 80% of CISOs stated they were prepared to work with a MSSP, and the report predicts this sector will account for more than 20% of total security market share by 2020.
Andrew Kellett, Principal Analyst, Infrastructure Solutions at Ovum, comments: “With an evolving threat landscape, CISOs are battling to equip organizations to improve security and data protection. The lack of available resources within internal teams creates a vulnerability that technology must address. Prioritizing risk must be the focus to ensure effective returns on cyber security investment and safeguard network infrastructures.”