Cloud

2/13/2018
10:25 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

One in Three Businesses Use Outdated Cybersecurity Tools to Address Next-Gen Threats

New research from Cyber adAPT and Ovum reveals that despite increased spending and frequency of threats, businesses are not fully equipped to face growing threat landscape.

February 7th 2018 – Dallas, Texas – A new report released today, commissioned by Cyber adAPT and conducted by Ovum, reveals that nearly a third (31%) of security teams depend solely on outdated tools such as basic search and monitoring for their cyber security needs.

The report, Business has a crucial need for continuous threat visibility and cyber security management services, collates insight from more than 6,000 senior business respondents, as well as in-depth interviews with CISOs, and demonstrates that cyber security spending is increasing at a rate of between 9%-12% each year.

Despite the rise in investment, the volume of attacks continues to skyrocket, with data breach incidents increasing by 40%. The report states that the amount of data lost has grown to unsustainable levels, with 1.9 billion records lost or stolen during the first half of 2017 – more data loss than 2016 as a whole.

This industry is however showing positive signals, with over two-thirds (69%) of security teams switching to a more evolved, analytical approach to defense. These include advanced security information and event management (SIEM), next-generation artificial intelligence (AI), machine learning (ML), and network analytics.

Kirsten Bay, President and CEO of Cyber adAPT, comments: “New generation technologies offer an exciting future for the cyber security industry. Many CISOs are struggling to persuade their boards to invest in new solutions, having failed to demonstrate the returns delivered by outdated tools – in fact, almost 60% of respondents thought they received poor value from their existing investments.”

For organizations not yet utilizing next generation analytics, over half (57%) of teams said they were not ready as the tools would be too difficult to integrate based on the internal skills and resources they draw upon.

Bay continues: “A platform approach, bolstered by AI and machine learning is set to offer real returns for cyber security customers. Technology will no longer rely on human input to detect threats and will prioritize alerts to streamline the CISOs workload, reducing the amount of time a threat is active inside a network.”

Half of organizations (50%) highlighted false positives as something they could not afford to waste time dealing with. Managed Security Services Providers (MSSPs) deliver prioritized threat data offering the potential to save time, 80% of CISOs stated they were prepared to work with a MSSP, and the report predicts this sector will account for more than 20% of total security market share by 2020.

Andrew Kellett, Principal Analyst, Infrastructure Solutions at Ovum, comments: “With an evolving threat landscape, CISOs are battling to equip organizations to improve security and data protection. The lack of available resources within internal teams creates a vulnerability that technology must address. Prioritizing risk must be the focus to ensure effective returns on cyber security investment and safeguard network infrastructures.”

A full copy of the report can be downloaded at: cyberadapt.com/Ovum

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Want Your Daughter to Succeed in Cyber? Call Her John
John De Santis, CEO, HyTrust,  5/16/2018
Don't Roll the Dice When Prioritizing Vulnerability Fixes
Ericka Chickowski, Contributing Writer, Dark Reading,  5/15/2018
Why Enterprises Can't Ignore Third-Party IoT-Related Risks
Charlie Miller, Senior Vice President, The Santa Fe Group,  5/14/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: "Security through obscurity"
Current Issue
How to Cope with the IT Security Skills Shortage
Most enterprises don't have all the in-house skills they need to meet the rising threat from online attackers. Here are some tips on ways to beat the shortage.
Flash Poll
[Strategic Security Report] Navigating the Threat Intelligence Maze
[Strategic Security Report] Navigating the Threat Intelligence Maze
Most enterprises are using threat intel services, but many are still figuring out how to use the data they're collecting. In this Dark Reading survey we give you a look at what they're doing today - and where they hope to go.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-11232
PUBLISHED: 2018-05-18
The etm_setup_aux function in drivers/hwtracing/coresight/coresight-etm-perf.c in the Linux kernel before 4.10.2 allows attackers to cause a denial of service (panic) because a parameter is incorrectly used as a local variable.
CVE-2017-15855
PUBLISHED: 2018-05-17
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel, the camera application triggers "user-memory-access" issue as the Camera CPP module Linux driver directly accesses the application provided buffer, which resides in u...
CVE-2018-3567
PUBLISHED: 2018-05-17
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in WLAN while processing the HTT_T2H_MSG_TYPE_PEER_MAP or HTT_T2H_MSG_TYPE_PEER_UNMAP messages.
CVE-2018-3568
PUBLISHED: 2018-05-17
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel, in __wlan_hdd_cfg80211_vendor_scan(), a buffer overwrite can potentially occur.
CVE-2018-5827
PUBLISHED: 2018-05-17
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in WLAN while processing an extscan hotlist event.