Source: securityboulevard.com – Author: Jeffrey Burt
Enterprise security teams are having problems keeping pace with the rapid evolution of increasingly sophisticated threat groups despite having the latest protections in place, according to the results of a survey released Wednesday by cybersecurity firm Critical Start.
The report found that 67% of organizations sustained a security breach within the last two years, even though they were using traditional threat-based security measures, indicating that a more proactive approach to managing cyber-risk is needed, officials with the Plano, Texas-based company said.
Enterprises are moving in that direction, according to the findings in Critical Start’s first annual Cyber Risk Landscape Peer Report. About 74% of the 501 U.S.-based IT security decision-makers surveyed said they plan to prioritize risk-reduction strategies like continuous risk monitoring, threat intelligence integration, and timely incident response.
In addition, 93% expect to get help within the next two years through security service providers that can handle some of the risk-reduction efforts.
“Staying ahead of attackers is still a constant battle for organizations,” Critical Start CTO Randy Watkins told Security Boulevard. “Rapidly developing TTPs (tactics, techniques, and procedures) and the proliferation of ransomware-as-a-service have forced many under-resourced security teams into a constant state of detection, response, and recovery. They simply don’t have enough time to be more proactive.”
Managed Services Can Help
This is where managed service providers can come in to operationalize security technologies and augment shortfalls in security staffing, Watkins said.
The problems described in the survey are the ones Critical Start, a managed detection and response (MDR) technology provider, has been trying to address since its founding in 2012, and they dovetail with the vendor’s efforts in what it calls managed cyber risk reduction (MCRR), an evolution of MDR from a reactive to a more proactive stance.
The company earlier this month rolled out a new risk assessment offering as a component of its MCRR approach that will help enterprises better analyze the massive amounts of data coming in that can illustrate a business’ risk level to enable them to better prioritize investments.
The survey results back up Critical Start’s argument for a more proactive approach to cybersecurity, a growing trend in the industry among vendors and IT security experts. This includes the use of automation and AI technologies to reduce a company’s level of risk and improve decisions around security, according to Piyush Pandey, CEO of Pathlock, whose technologies automate the enforcement of controls around access and cybersecurity checks.
“We are seeing more and more organizations increasing their budgets around the testing, monitoring, and enforcement of their controls, such as application access and application security configurations,” Pandey told Security Boulevard. “With proper access governance and application security controls, the potential risks for cyber breach or data loss are significantly reduced.”
A Distributed Workforce Also a Challenge
Darren Guccione, co-founder and CEO of Keeper Security, noted that not only has the cyberthreat environment evolved, but changes to the workforce also increase the challenge of locking down the enterprise.
“The mass migration to distributed remote work environments has radically increased the number of endpoints, the number of remote locations such as home-offices, and correspondingly, the sheer number of websites, applications, and systems that require identity verification, access, and full end-to-end encryption,” Guccione told Security Boulevard. “Data shows the human element is far more difficult to protect, and often, the most error-prone element of the attack chain.”
All of this feeds into the findings in Critical Start’s survey that 66% of security pros don’t have a high degree of confidence in the effectiveness of their current security strategies, which they say limits the understanding of their companies’ cyber-risk profiles and hinders their ability to prioritize investments and effectively allocate resources.
That closely mirrors what executives are thinking. About 61% of those surveyed said there is a misalignment between cybersecurity investments and their organizations’ risk-reduction priorities.
“Even when risks are identified, organizations find themselves grappling with limited resources, including understaffed teams, the need for broad multi-domain security expertise, and constrained budgets,” the report’s authors wrote, calling the situation the “cyber risk conundrum.” “Consequently, organizations often find themselves taking chances with their security investments, essentially guessing where to allocate their resources.”
What organizations need are ways to quickly identify risk on an ongoing basis and to turn the analysis of risk into actions that will deliver marked improvements, according to Critical Start.
“These capabilities will help organizations stop gambling with security investments and have confidence that they are making the most impactful risk-based decisions,” the authors wrote.
Original Post URL: https://securityboulevard.com/2023/08/enterprises-eyeing-more-proactive-cybersecurity-strategies-survey-finds/
Category & Tags: Analytics & Intelligence,Application Security,Cybersecurity,Data Security,Featured,Governance, Risk & Compliance,News,Security Boulevard (Original),Spotlight,distributed workforce,MDR (Managed Detection and Response),Ransomware-as-a-Service (RaaS)