It is one thing to employ security technologies and the assumption is once you put them in, they are working to secure your environment. But are they?
A just-released report found 53 percent of security experts admit they are in the dark about how well the technologies they have are meeting expectations and protecting the network, according to a study conducted by the Ponemon Institute and sponsored by AttackIQ. Ponemon Institute surveyed 577 IT and IT security practitioners in the United States who are knowledgeable about their organization’s IT security strategy and tactics. They are also involved in evaluating or responsible for their organizations’ technology investments.
Along those lines, 53 percent of these experts said they not sure how well the technologies they have are protecting the network. In addition, 39 percent of respondents said they are getting full value from their security investments. On top of that, 41 percent of respondents said their organizations are effective in determining gaps in coverage and closing those gaps.
Most organizations are not using an automated solution to determine gaps in the IT infrastructure. Only 41 percent of respondents said the IT security team is effective in determining gaps in the IT security infrastructure and then closing those gaps. In addition, 24 percent of respondents said they use an automated solution, while 29 percent of respondents said they use a combination of automated and manual.
Meanwhile, data breaches are likely because of gaps in the IT security infrastructure.
Respondents were asked to rate the certainty of reducing the likelihood of a data breach because of the ability of their IT security staff, processes and security solutions on a scale of 1 = no certainty to 10 = high certainty. In both cases, less than half are confident that data breaches can be stopped with their current investments in technology and staff, with 63 percent of respondents saying they have observed a security control reporting it blocked an attack when it did not.
Companies are spending an average of $18.4 million annually on cybersecurity, but data breaches still happen because of skilled attackers, complex security infrastructure, and a lack of in-house expertise.
The primary reason data breaches still occur is due to the skill of the attackers, according to 70 percent of respondents. This is followed by the complexity (66 percent of respondents) which can be attributed in part because the companies represented in this research have an average of 47 separate security solutions and technologies deployed in their organizations. Sixty-five percent of respondents said the dynamically changing attack surface and lack of adequate security staff with the necessary skills can lead to a data breach.
Staffing and organizational silos prevent the IT security team from responding to a cyberattack. According to the findings, 25 percent of respondents said the IT security team is able to respond to security incidents within one day. The primary obstacles are created by a shortage of in-house expertise and the lack of timely response and engagement with other departments and functions.
Data breaches still happen because of a lack of visibility into the IT security infrastructure. Along those lines, 56 percent of respondents said a reason data breaches still occur is because of a lack of visibility into the operations of their security program. While respondents are most confident in having visibility into the organization’s applications, endpoints and servers, only 35 percent of respondents said they have a high degree of confidence in visibility into their cloud and IoT devices.
For more details in the report, click here to register.