Cybersecurity Is More Difficult Than 2 Years Ago

Researchers at ESG have published a new research report titled, Cybersecurity Analytics and Operations in Transition, based on a survey of 412 cyber-security and IT professionals working at large mid-market (i.e. 500 to 999 employees) and enterprise (i.e. more than 1,000 employees) organisations in North America and Western Europe.

27 percent of survey respondents say cyber-security analytics and operations is much more difficult than two years ago, while another 45 percent say cyber-security analytics and operations is somewhat more difficult today than two years ago.

Why cyber-security operations are more difficult

All-told, 72 percent of cyber-security and IT professionals believe cyber-security analytics and operations is more difficult in 2017 than 2015.

Why is this the case?

The top reasons making things more difficult include:

•    The threat landscape. Survey respondents admit that it has become extremely difficult to keep up with the volume, sophistication and dynamic nature of cyber threats. In many cases, cybersecurity teams don’t have the right skills to monitor and proactively respond to changing threats, which gives the bad guys a distinct advantage.

•    Changing regulatory compliance demands. A constant stream of regulatory compliance mandates perpetually increases the workload on the security operations center (SOC) staff. With regulations like the New York State department of financial services and the general data protection regulation (GDPR) in Europe, regulatory rules and changes aren’t going to get any easier either.

•    The growing volume of security alerts. Organisations are adding new tools for threat detection, but this only increases daily security alert storms. Security analysts are then called upon to triage, investigation and prioritise these alerts. But in reality, all they can do is cherry pick and focus on obvious security incidents. This means more difficult and stealthy attacks tend to go unnoticed.

•    Gaps in security monitoring. To me, this one is pretty frightening. Cyber-security professionals admit there are systems, network segments, applications, devices, etc. that fall outside the scope of their security monitoring tools and processes.
 
Cyber-security analytics and operations suffer from "death by a thousand cuts."  CISOs often face organisational, process and technology problems that keep getting worse.

CSO Online:

You Might Also Read:

Cybersecurity Is Too Important To Leave To IT:

Three Most In-Demand Cybersecurity Jobs:

« Three Most In-Demand Cybersecurity Jobs
UK National Cyber Security Centre Has Not Certified Kaspersky »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

DMH Stallard

DMH Stallard

DMH Stallard is a mid-market law firm. Areas of expertise include cyber security and cyber crime.

Hitachi ID Systems

Hitachi ID Systems

Hitachi ID Systems offers comprehensive identity management and access governance, privileged access management and password management solutions.

Digital DNA

Digital DNA

Digital DNA provides Law-Enforcement-Grade Computer Forensics, Cyber Security and E-Discovery Investigations.

Allianz

Allianz

Allianz Cyber Protect is a comprehensive cyber insurance provided internationally and tailored to your company´s risk profile.

Fornetix

Fornetix

Fornetix is a cybersecurity platform enabling Zero Trust while delivering critical encryption automation, access controls, authorization services, machine identity, and ICAM solutions,

MonsterCloud

MonsterCloud

MonsterCloud is a leader in managed cyber security services. Our cyber security team constantly monitors and protects businesses from cyber threats.

Cynterra

Cynterra

Cynterra is a next generation cloud cyber security and data analytical service provider offering cloud security compliance, data protection, visibility and threat protection services.

Blockchains LLC

Blockchains LLC

Blockchains is committed to changing the world for the better. Using blockchain and other innovative technologies, we’ll build new systems, new security, and new interactions.

Knowledge Transfer Network (KTN)

Knowledge Transfer Network (KTN)

KTN links new ideas and opportunities with expertise, markets and finance through our network of businesses, universities, funders and investors.

Automox

Automox

Remediate vulnerabilities 30X faster than the industry norm – and dramatically reduce your risk with simple, fast, and cloud-native endpoint hardening from Automox.

10dot Cloud Security

10dot Cloud Security

10dot Cloud Security is a security service management company. Our solutions give you contextualised visibility into your network security.

Blumira

Blumira

Blumira provides comprehensive, hybrid cloud security monitoring and reporting for organizations of all sizes, enabling them to detect and respond to cloud security threats quickly and effectively.

ClearHub

ClearHub

The aim of ClearHub is simple: to give businesses like yours access to the best talent, all screened and technically tested by Clearvision’s expert team.

Sencode Cyber Security

Sencode Cyber Security

Sencode provides a range of IT security solutions and services, including penetration testing and cyber awareness training to help mitigate the growing risks to your corporate infrastructure.

Charles IT

Charles IT

Charles IT is your friendly, no-nonsense IT team focused on helping companies make their technology work for them. We focus on building relationships that deliver results.

Blackmere Consulting

Blackmere Consulting

Blackmere Consulting is a Nationwide Technical and Executive Recruiting firm dedicated to Cyber Security and Information Technology.