In just over a year, there have been a bevy of cyberattacks and data breaches that have affected not only companies and governments, but millions of people across the world.
- Ticketfly: 26 million users affected
- Uber: 56 million users affected
- Equifax: 143 million users affected
- Petya: 80 governments, 12,000 companies across 65 countries
At the same time, there is a widening workforce gap of cybersecurity professionals across the U.S. and the world. In fact, a 2017 study by the Center of Cyber Safety and Education found that this gap is on pace to reach 1.8 million by 2022. Another prediction by Cybersecurity Ventures showed 3.5 million cybersecurity job openings by 2021.
With so much uncertainty within the realm of cybersecurity, ProtectWise teamed up with Osterman Research to better understand how companies are updating their practices. The researchers interviewed 400 security analysts in the U.S. to uncover how organizations with 1,000 or more employees are deploying network security strategies. “We initially set out to get a clear picture of the security strategies mid-sized and large organizations are using to detect and respond to threats within their expanding infrastructures,” explained ProtectWise Co-founder and CTO Gene Stevens. Here are the key takeaways from the report:
#1 Shared Security Pain Points Exist, Regardless of Organizational and Security Team Size
There are a number of common issues and strategies among companies, regardless of size. Firstly, two-thirds of respondents manage their security overload by prioritizing the highest value targets.
Secondly, 46 percent of all respondents would, ideally, retain data for more than 18 months, but only 14 percent actually do so. Thirdly, as security issues grow and come to the forefront of companies, respondents anticipate they will spend 26 percent more time remediating security incidents over the next two years.
#2 Security Team Size at the Largest Organizations Does Not Scale with the Number of Overall Employees
The sizes of various security teams among the respondent companies do not necessarily scale with the overall employees. According to the report, the largest companies (approximately 26,000 total employees) had an average of 17.5 security personnel total or one security professional for every 1,488 employees. For mid-sized companies with an average of 2,510 employees, they had 13.3 security personnel, or one security professional for every 189 employees.
#3 Leading Organizations are Investing in Specialized Roles and Teams to Drive Efficiency
With increased resources, larger companies, with larger security teams, are able to incorporate more specialized employees to focus on specific facets of network security. Small- to mid-sized companies often do not have that luxury and must focus on the immediate needs first. According to the report, “the largest deltas between large and mid-sized organizations are in specialized roles focused on threat intelligence, event triage analysts, and security engineering.”
#4 Use of Endpoint and Network Products Indicates Security Strategies are Evolving, with Largest Organizations Less Reliant on Endpoint Security
The use of updated remediation tools indicates that organizations are evolving their strategies as they pertain to cybersecurity. However, smaller companies may only have the resources to employ entry-level, endpoint security approaches.
Alternatively, larger organizations are graduating to network-based strategies. The report found that those using network-only deployments had a median of 2,750 employees, while those using endpoint-only security deployments had a median of 1,700 employees.
The report shows that, in the face of increasing cybersecurity threats, organizations are adapting and changing their security strategies, especially in their use of network security. “Companies are demonstrating that they’re evolving their strategies,” explained Stevens. “56 percent of all respondents,” he continued, “regardless of organization size, use a combination of endpoint and network security products. That indicates there’s a growing industry-wide recognition that an endpoint-only strategy is ineffective in today’s climate and that achieving visibility from both endpoint and network is critical for investigation, triage, and remediation.”
Stevens concluded on a positive note: “I do believe that organizations are consistently rating cybersecurity as a top concern. And I’d argue, based on the conversations we have with many organizations, that it is actually growing as a priority.”
For the full report, follow this link.