The Current State of Cybersecurity
Companies must protect their own and their customers’ most private and essential information from cybercriminals, and it’s a 24/7 job that requires constant preparedness and instant response. With attacks coming from many different types of attack vectors across many different attack surfaces, cybersecurity is an ever-evolving priority for executives in all industries.
This study measured the state of cybersecurity today in the United States. Approximately 100 respondents from the Legal, Retail, Education, Energy, Finance, High-Tech, Healthcare, and Entertainment industries as well as the Government, were included in the study. We contacted companies with 1,000+ employees, with over $25 million in annual sales. The title levels of respondents included: CISO, CIO, Cybersecurity Director, Security Risk Officer/Manager, Directory of Security, and VP of Security.
This study focuses on these executives’ highest priority concerns and asked questions about their priorities, how they evaluate their activities, and what tools and resources they plan to use to improve their security posture.
High-level takeaways from the survey include that security executives continue to be concerned about their preparedness to fight cybercrime efficiently and are actively seeking enhanced coverage for a wide variety of attack types and surfaces. Attacks that disrupt services or that use credential theft are top concerns as well as the need to protect new environments such as cloud architectures or critical access resources such as Active Directory. New investment priorities are cited for combatting ransomware and for improving cloud security. However, they also mentioned the ability to detect across attack surfaces as the top priority for the next year.
Overall, businesses appear to still struggle with reducing dwell time and with their efficiency in responding to incidents. There appears to be an ongoing reliance on traditional security controls for detection; however, notably, deception technology was listed within the top two to three security controls for detection across a variety of top attack types. The value cited for deception was within its ability to detect threats comprehensively and to respond faster and more accurately to incidents.
Although spending on detection technology still ranked relatively low, organizations seem to be adopting security frameworks to help understand their security gaps and areas where they need to improve coverage. One such model is the U.S. National Institute of Standards and Technology (NIST) Cybersecurity Framework that highlights five core areas: Identify, Protect, Detect, Respond, and Recover.
As cybersecurity leaders address ways to increase resilience in their organizations, they must consider all five areas of the NIST framework. In the next year, the highest priority for security gaps to address is the detection across attack surfaces and to be vigilant on many fronts.