Saturday, 24th July 2021

Security - the need for a new approach

Leaders increase their security response effectiveness through automating security tasks and prioritising threats based on business criticality.

A new survey of 300 Chief Information Security Officers (CISOs) from around the world byServiceNow spotlights the need for a new approach to respond to the rising number and cost of data security threats. In “The Global CISO Study: How Leading Organisations Respond to Security Threats and Keep Data Safe,” 88 per cent of UK CISOs surveyed report that detected data breaches are going unaddressed, compared to 80 per cent globally, and 64 per cent say it is difficult to prioritise threats based on business criticality.
This comes at a cost: Six per cent of UK CISOs (13 per cent globally) reported experiencing a significant security breach causing reputational or financial damage in the past three years. Manual processes, resources and talent deficiencies, and the inability to prioritise threats are impairing security response effectiveness. As a result, CISOs are increasing the automation of security tasks to bolster their response and remediation efforts.
“UK CISOs are spending an increasing amount on preventing and detecting data breaches, but our research underscores that response is where they should focus,” said Chris Pope, Office of the Chief Strategy Officer, ServiceNow. “Automating and orchestrating security response is the missing link for CISOs to radically increase the effectiveness of their security programs.”
Additional findings of the study from the UK include:
  • Only 18 per cent rate their company as highly effective at preventing security breaches (19 per cent globally).
  • Customers may suffer the most from these gaps: Only 44 per cent of CISOs believe they are highly effective at protecting against customer data breaches (38 per cent globally).
  • Around two in five (38 per cent) of UK CISOs say manual processes and 32 per cent say a lack of resources are barriers to their organisation’s ability to detect and respond to security breaches.
  • Around one in 10 (12 per cent) of UK CISOs say their employees have developed the skills necessary to successfully prioritise security threats (7 per cent globally).
A small group of the overall survey sample (11 per cent globally and 12 per cent in the UK), titled “Security Response Leaders,” differ from the rest in that they:
    • Automate a higher percentage of security activities, including more advanced tasks such as trend reporting.
    • Prioritise responses to security alerts based on business criticality.
    • Build stronger relationships with IT and other departmental functions.
83% of respondents believe their organization is at risk, while 64% anticipate the problem escalatin...
Aqua Security has released the results of its 2021 Cloud Native Security Survey revealing the knowle...
Sophos has acquired Braintrace, further enhancing Sophos’ Adaptive Cybersecurity Ecosystem with Brai...
Tanium study finds that organisations can save money as they grapple with issues such as mass remote...
SentinelOne endpoint detection and response products are now available directly from ConnectWise.
Following cyber-attacks last year against Israel’s water utilities the authority has already made a...
Jointly developed network threat detection service helps cloud customers solve critical security cha...
Dataquest Group has signed a deal with Acronis, offering the most effective ways to store, protect a...