Cybersecurity Is More Difficult Than 2 Years Ago

Uploaded on 2017-07-28 in NEWS-News Analysis, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

Researchers at ESG have published a new research report titled, Cybersecurity Analytics and Operations in Transition, based on a survey of 412 cyber-security and IT professionals working at large mid-market (i.e. 500 to 999 employees) and enterprise (i.e. more than 1,000 employees) organisations in North America and Western Europe.

27 percent of survey respondents say cyber-security analytics and operations is much more difficult than two years ago, while another 45 percent say cyber-security analytics and operations is somewhat more difficult today than two years ago.

Why cyber-security operations are more difficult

All-told, 72 percent of cyber-security and IT professionals believe cyber-security analytics and operations is more difficult in 2017 than 2015.

Why is this the case?

The top reasons making things more difficult include:

•    The threat landscape. Survey respondents admit that it has become extremely difficult to keep up with the volume, sophistication and dynamic nature of cyber threats. In many cases, cybersecurity teams don’t have the right skills to monitor and proactively respond to changing threats, which gives the bad guys a distinct advantage.

•    Changing regulatory compliance demands. A constant stream of regulatory compliance mandates perpetually increases the workload on the security operations center (SOC) staff. With regulations like the New York State department of financial services and the general data protection regulation (GDPR) in Europe, regulatory rules and changes aren’t going to get any easier either.

•    The growing volume of security alerts. Organisations are adding new tools for threat detection, but this only increases daily security alert storms. Security analysts are then called upon to triage, investigation and prioritise these alerts. But in reality, all they can do is cherry pick and focus on obvious security incidents. This means more difficult and stealthy attacks tend to go unnoticed.

•    Gaps in security monitoring. To me, this one is pretty frightening. Cyber-security professionals admit there are systems, network segments, applications, devices, etc. that fall outside the scope of their security monitoring tools and processes.
 
Cyber-security analytics and operations suffer from "death by a thousand cuts."  CISOs often face organisational, process and technology problems that keep getting worse.

CSO Online:

You Might Also Read:

Cybersecurity Is Too Important To Leave To IT:

Three Most In-Demand Cybersecurity Jobs:

« Three Most In-Demand Cybersecurity Jobs
UK National Cyber Security Centre Has Not Certified Kaspersky »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Computer Laboratory - University of Cambridge

Computer Laboratory - University of Cambridge

Computer security has been among the Laboratory’s research interests for many years, along with related topics such as cryptology

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Westermo Network Technologies

Westermo Network Technologies

Westermo designs and manufactures robust, resilient and secure data communications products for mission-critical industrial systems.

Insta Group

Insta Group

Insta are a trusted cyber security partner for security-critical companies and organizations.

BPC Banking Technologies

BPC Banking Technologies

BPC’s advanced fraud prevention solution helps card issuers and acquirers combat the growing threat by monitoring 100% of transactions, online, in real-time across all channels.

TruSTAR Technology

TruSTAR Technology

TruSTAR is a threat intelligence exchange platform built to protect and incentivize information sharing.

36 Group

36 Group

36 Group's criminal law team, has the experience and specialist knowledge to conduct effectively trials heavily concerned with the growing phenomenon of Cybercrime.

Trusted Security Solutions (TSS)

Trusted Security Solutions (TSS)

TSS are specialist in IT Security and providing Cybersecurity Solutions & Services combined with storage and backup.

Gen Digital

Gen Digital

At Gen™, our mission is to create technology solutions for people to take full advantage of the digital world, safely, privately, and confidently – so together, we can build a better tomorrow.

IONOS

IONOS

IONOS is a leading provider of cloud infrastructure, cloud services, and hosting with more than 8.5 million customers contracts.

GoodAccess

GoodAccess

GoodAccess is the cybersecurity platform that gives your business the security benefits of zero trust without the complexities so your users can securely access digital resources anytime, anywhere.

ActiveFence

ActiveFence

ActiveFence enables Trust & Safety teams to be proactive about online integrity so they can keep their users safe from online harm – across content formats, languages, and abuse areas.

ArmorPoint

ArmorPoint

ArmorPoint redefines the traditional approach to cybersecurity by combining network operations, security operations, and SIEM technology in one platform.

Dynamic Networks

Dynamic Networks

Dynamic Networks provide Managed Cloud Services; Unified Communications; Security & Compliance Services and Network & Infrastructure Services for both Public Sector and Private sector businesses.

Cybit

Cybit

Cybit is the one-stop-shop for digital transformation that scales in line with your growth.

Winslow Technology Group (WTG)

Winslow Technology Group (WTG)

Winslow Technology Group is a leading provider of IT Solutions, Managed Services, and Cybersecurity Services dedicated to providing exceptional business outcomes for our customers since 2003.