Story image

Report: Cybersecurity pressures on the rise - but there is a solution

06 Aug 2018

In our increasingly digital world, every advance we make is often accompanied by a new avenue for cybercrime.

This has made way for a lucrative cybersecurity industry with an insatiable appetite for new recruits, presenting great opportunities for security professionals – but also great responsibility.

Hence why Trustwave conducted its comprehensive 2018 Security Pressures report of 1,600 in-house cybersecurity professionals around the world to determine how much stress they are actually under and whether it is on the rise.

The short answers? A lot and yes.

Click here to download the full Trustwave 2018 Security Pressures report.

The annual report found that the majority of respondents (54 percent) experienced more security pressures than the year before – the fifth consecutive year pressures have increased.

Trustwave managed security vice president  (APAC) Sam Julien says he doesn’t expect this to be changing anytime soon.

“As long as cybercrime remains a massively profitable industry, it will, just like legitimate industries, continue to evolve through adaptation and innovation," says Julien.

In terms of greatest concerns at the operational level, advanced security threats like sophisticated malware and zero-day vulnerabilities topped the list with 26 percent, followed by lack of budget with 17 percent, and lack of skilled security expertise at 16 percent.

Breaking it down to the most pressure-inducing security threats, phishing attacks were the decisive riser after increasing from eight percent to 13 percent in line with the increased sophistication of social engineering attacks.

However, preventing malware (including ransomware) retained its position as the top inducer of stress with 22 percent, following by identifying vulnerabilities at 17 percent.

And so the question arises, within the organisations who are applying the most pressure? 39 percent of respondents assert it’s coming from C-level executives, board members and business owners, while 27 percent say it’s from direct managers.

Click here to find out more.

However, it’s not all doom and gloom. Despite feeling more pressure, 54 percent of respondents say they’re actually more confident than they were five years ago in their ability to secure their organisation. Furthermore, 42 percent (an eight percent rise from the year before) felt less pressure to roll out projects before security concerns were addressed.

And finally, organisations are acting on these burdens as one of the fastest growing responses to swelling security pressures is the increased adoption of managed security models that offer a host of technology solutions and expertise on demand.

33 percent of respondents are already partnered with a managed security services provider (MSSP), while a further 45 percent plan to in the future. The top three reasons for taking this path are skill shortages with 31 percent, deploying and operating hard to use security technologies at 30 percent, and assisting with security automation at 28 percent.

“As this year’s report depicts, it’s this continuous advancement of the threat landscape, coupled with internal resource constraints, that's racketing up the pressure for those charged with securing assets,” says Julien.

“But it is encouraging that findings also suggest organisations are shifting away from treating security as an afterthought to focus on practices such as secure code development, frequent security testing, and bolstering internal capabilities through managed service models to ease pressure.”

It is certainly promising to see that more businesses are latching onto the MSSP model as it can (as long as it’s with the right provider) greatly enhance internal security teams who are most likely already time and resource depleted.

Now more than ever it’s vital for security teams to fight fire with fire.

The full 2018 Security Pressures Report from Trustwave includes:

  • Which security threats are turning up the heat
  • Your biggest worries following an attack or breach
  • Which compliance mandates have you on edge
  • Two areas where you have pushed back against the pressure
  • Your biggest security wishes for the year ahead

Click here to download and read the full report.

SecOps: Clear opportunities for powerful collaboration
If there’s one thing security and IT ops professionals should do this year, the words ‘team up’ should be top priority.
Interview: Culture and cloud - the battle for cybersecurity
ESET CTO Juraj Malcho talks about the importance of culture in a cybersecurity strategy and the challenges and benefits of a world in the cloud.
Enterprise cloud deployments being exploited by cybercriminals
A new report has revealed a concerning number of enterprises still believe security is the responsibility of the cloud service provider.
Ping Identity Platform updated with new CX and IT automation
The new versions improve the user and administrative experience, while also aiming to meet enterprise needs to operate quickly and purposefully.
Venafi and nCipher Security partner on machine identity protection
Cryptographic keys serve as machine identities and are the foundation of enterprise information technology systems.
Machine learning is a tool and the bad guys are using it
KPMG NZ’s CIO and ESET’s CTO spoke at a recent cybersecurity conference about how machine learning and data analytics are not to be feared, but used.
Seagate: Data trends, opportunities, and challenges at the edge
The development of edge technology and the rise of big data have brought many opportunities for data infrastructure companies to the fore.
Popular Android apps track users and violate Google's policies
Google has reportedly taken action against some of the violators.