To strengthen their safety posture and cut back the danger of breaches, data safety professionals are looking for to scale back the variety of safety expertise suppliers they cope with, the Cisco 2019 CISO benchmark research reveals.
The annual survey of 3,000 safety leaders throughout 18 international locations reveals that CISOs are additionally looking for to extend collaboration between networking and safety groups, enhance safety consciousness amongst staff, migrate to the cloud, and cut back reliance on much less confirmed applied sciences resembling synthetic intelligence (AI).
The benchmark research reveals that advanced safety environments, with merchandise from 10 or extra safety suppliers, might be hampering safety professionals’ visibility throughout their environments, with 65% of respondents saying they discover it arduous to find out the scope of a compromise, comprise it and remediate from exploits.
However, the survey reveals a seamless pattern away from level merchandise to provider consolidation. In 2017, solely 54% of respondents stated they’d 10 or fewer suppliers; this has now risen to 63%.
The benchmark report notes that in lots of environments, a number of provider options usually are not built-in, and so don’t share alert analysis and prioritisation. The survey reveals that even these CISOs with fewer level options may handle their alerts higher via an enterprise structure method.
The unknown threats that exist outdoors the enterprise within the type of customers, information, units and apps can be a high concern for CISOs. To deal with these challenges, 45% of these polled have elevated funding in safety defence applied sciences, 39% have elevated safety consciousness coaching amongst staff, and 39% are targeted on implementing threat mitigation strategies.
High monetary affect
Survey respondents famous the excessive monetary affect of breaches, with 45% reporting that the monetary affect of a breach to their organisation was greater than $500,000. While greater than 50% are driving breach prices beneath that degree, 8% claimed prices of greater than $5m per incident for his or her most vital breach of the previous yr.
“More than ever before, CISOs are reporting that they are taking a much more proactive role in reducing their exposure through consolidation and training, as well as investments in critical technologies, for cyber defence and breach containment, but the war is far from over,” stated Steve Martino, senior vice-president and chief data safety officer at Cisco.
“Security leaders are still struggling to get greater visibility across their organisation and into threats. You can’t protect what you can’t see. Cisco is committed to helping organisations address these challenges and implement new techniques and technology to stay one step ahead of malicious actors and threats.”
The survey reveals that the objective of accelerating collaboration between community and safety groups is being realised, with 95% of respondents reporting that their networking and safety groups had been “very” or “extremely” collaborative, and 59% stated the monetary affect from their most critical breach was lower than $100,000.
There is extra confidence in cloud-delivered safety and in securing the cloud, the survey reveals, with 93% of CISOs reporting that migrating to the cloud elevated effectivity and effectiveness for his or her groups.
At the identical time, the perceived problem of defending cloud infrastructure has decreased from 55% in 2017 to 52% in 2019.
The survey reveals that using threat evaluation and threat metrics that span the enterprise, partly pushed by cyber insurance coverage procurement, is enjoying a rising function in expertise choice and has helped CISOs give attention to their operational practices, with 40% of respondents utilizing cyber insurance coverage to some extent to set their budgets.
Although 30% of respondents stated they’ve nearly given up making an attempt to remain forward of malicious threats and unhealthy actors, this determine is down from 46% in 2018. However, the survey report notes that CISOs nonetheless face plenty of challenges and there may be nonetheless room for enchancment.
While AI and machine studying, used accurately, are important to the preliminary phases of alert prioritisation and administration, the report stated reliance on these applied sciences has decreased. This is attributed, a minimum of partly, to the truth that CISOs understand these instruments to nonetheless be of their infancy or not prepared for prime time, with reliance on machine studying down from 77% in 2018 to 67% in 2019.
Similarly, reliance on AI is down from 74% in 2018 to 66% in 2019, whereas reliance on automation is down from 83% to 75%.
Employees proceed to be one of many greatest safety challenges for a lot of CISOs, the survey reveals. Having an organisational course of that begins with safety consciousness coaching on day one is important, says the report, however solely 51% of respondents charge themselves as doing a superb job of managing worker safety through complete onboarding and processes for transfers and departures.
Email safety stays the primary menace vector, the survey reveals, with phishing and dangerous consumer behaviour remaining a high concern for CISOs. The notion of this threat has remained regular for the previous three years for between 56% and 57% of respondents. Coupled with low ranges of security-related worker consciousness programmes, the report says this represents a attainable main hole that the safety business will help to deal with.
Alert administration and remediation stays difficult, the survey reveals, with a reported drop in remediation of reliable alerts type 50.5% in 2018 to 42.7% in 2019. The report described this as “concerning” provided that many respondents are shifting towards remediation as a key indicator of safety effectiveness.
Security metrics altering
Security metrics are altering, the survey reveals, with the variety of respondents who use imply time to detection as a metric for safety effectiveness falling from 61% in 2018 to 51% in 2019 on common. Time to patch has additionally dropped in focus from 57% in 2018 to 40% in 2019, however time to remediate has risen as a metric to 48% in contrast with 30% in 2018.
The report recommends that CISOs base their safety budgeting on measured safety outcomes, with sensible methods coupled with cyber insurance coverage and threat assessments to information their procurement, technique and administration choices.
There are confirmed processes that organisations can make use of to scale back their publicity and extent of breaches, the report says, recommending that CISO put together with drills, make use of rigorous investigative strategies, and know probably the most expedient strategies of restoration.
The solely technique to perceive the underlying safety wants of a enterprise case is to collaborate throughout IT, networking, safety and threat and compliance teams, it says.
The report recommends that CISOs: orchestrate response to incidents throughout disparate instruments to maneuver from detection to response extra shortly and with much less guide coordination; that they mix menace detection with entry safety to deal with insider menace; that they undertake a zero belief method to safety; and that they deal with the e-mail safety menace with phishing coaching, multifactor authentication, superior spam filtering and domain-based message authentication, reporting and conformance (Dmarc) to defend in opposition to enterprise e mail compromise (BEC).