A survey of 706 IT and security professionals finds half are not very confident that they can stop a damaging security incident in the next 12 months, with 30% admitting they are less prepared to detect threats and respond to incidents than they were a year ago.
Conducted by Ivanti, a provider of IT and security management software, the survey also suggests data silos that exist between cybersecurity and IT teams are a major factor impeding an organization’s ability to respond to a security incident. A total of 40% of respondents said data silos slow incident response times. Well over two-thirds (69%) said there are significant security data and IT data silos, with 33.8 hours being needed on average to restore service in the wake of a cybersecurity incident.
A full 82% of respondents said their productivity suffers due to data silos, with a third (33%) reporting that a lack of alignment with other functions means stakeholders can’t agree on the right/best course of action when there is an incident.
Overall, survey respondents reported on average 4.3 security incidents organizations respondents reported in the last 12 months.
On the plus side, organizations are making strategic investments to better defend attack surfaces. Identity threat detection and response (47%), cyber asset attack surface management (46%) and generative cybersecurity AI (46%) are the top three emerging technologies organizations are increasingly investing in, the survey finds.
Nevertheless, significant challenges remain. Fewer than half of organizations (46%) have identified the vulnerable third-party systems/components in their software supply chain — though an additional 39% say they plan to do this in the coming year. Just under two-thirds (64%) said they have a documented methodology for prioritizing security patching.
Dr. Srinivas Mukkamala, chief product officer for Ivanti, said that it’s clear many organizations need to revisit their cybersecurity strategy, especially in the wake of the COVID-19 pandemic. With more employees working from home than ever, organizations are still far too dependent on flawed virtual private networks (VPNs) and consumer-grade infrastructure that can be easily compromised, he added.
Organizations should be moving toward secure access service edge (SASE) platforms to better ensure security, no matter how increasingly nomadic employees are remotely logging into an IT environment, said Mukkamala.
From a security perspective, it’s still the wild, wild west with remote access and not enough organizations have made the cultural shift required, he added. In effect, the browser on a mobile device is now the new perimeter that needs to be secured first, noted Mukkamala.
In effect, the size and scope of that attack surface that needs to be defended has fundamentally changed, he added.
It’s not clear to what degree organizations have changed their approach to cybersecurity in recent years. However, it’s apparent that despite an increased number of mandates requiring employees to return to the office, many of them will continue to remotely access applications as they split time between the office and home. The challenge facing cybersecurity teams now is finding the funding to secure the entire attack surface, in a way that makes it easier to meld security and IT operations.