Cybersecurity: The Human Challenge

IT teams are showing progress in many battles

• IT teams are on top of patching. Three quarters of IT teams apply patches to desktops, servers, applications, and internet-facing assets within a week of release. Servers and internet-facing assets are patched most quickly, with 39% of respondents patching them within 24 hours.
• Prevention is prioritized. On average, IT teams dedicate nearly half their time (45%) to prevention, with 30% of time spent on detection and the remaining 25% on response.
• IT managers are keeping up to date with cybersecurity. The majority say that they (72%) and their teams (72%) are up to date with or ahead of cybersecurity threats. Just 11% think they are significantly behind.

Improving cybersecurity requires people – who are in short supply

• There is an urgent need for human-led threat hunting. 48% of respondents have already incorporated human-led threat hunts in their security procedures and a further 48% plan to implement it within a year.
• The cybersecurity skills shortage is directly impacting protection. Over a quarter (27%) of managers said their ability to find and retain skilled IT security professionals is the single biggest challenge to their ability to deliver IT security, while 54% say it is a major challenge.

Organizations are changing the way they deliver security

• Outsourcing IT security is rising fast. Currently 65% outsource some or all of their IT security efforts. This is set to rise to 72% by 2022. The percentage of organizations that exclusively uses in-house IT teams will drop from 34% to 26%.
• Improving operational efficiency is a key priority. Four in ten (39%) respondents said that improving operational efficiency and scalability is one of their biggest priorities for the IT team this year.

Ransomware victims display different behaviors and attitudes to those who haven’t been hit

• Ransomware victims are more exposed to infection from third parties. 29% of organizations hit by ransomware in the last year allow five or more suppliers to connect directly to their network – compared with just 13% of those that weren’t hit by ransomware.
• Ransomware damages professional confidence. IT managers whose organizations were hit by ransomware are nearly three times more likely to feel ‘significantly behind’ on cyberthreats than those that weren’t (17% vs. 6%).
• Being hit accelerates implementation of human-led threat hunting. 43% of ransomware victims plan to implement human-led hunting within six months, compared with 33% of those that didn’t suffer an attack.
• Victims have learnt the importance of skilled security professionals. Over one third (35%) of ransomware victims said recruiting and retaining skilled IT security professionals in their IT teams is their single biggest challenge when it comes to cybersecurity, compared with just 19% who hadn’t been hit.