Security Teams Still Favor Prevention Over Detection

Security leaders are adjusting their technology "musts" to prioritize endpoint security, data protection, and remote access. Interest in these technologies appears to be driven by new security threats and the fact that many organizations are embracing a hybrid workforce.

Security and IT teams are interested in a multilayered approach data and are working with both technologies for preventing and blocking attacks, as well as techsfor detecting and responding to breaches post-incident. Data from Dark Reading's 2021 Strategic Security Survey shows security leaders are interested in data encryption, endpoint security controls, and virtual private network (VPN) technologies, with 78%, 76%, and 74% of respondents, respectively, identifying them as “effective” or “highly effective” security measures.

Even so, there seems to be a slight preferences for perimeter-focused attack prevention controls, such as next-generation firewalls (73%), antivirus/anti-malware (72%), and intrusion prevention and detection (72%), compared with detection and response technologies, such as endpoint detection and response (EDR, 60%), security information and event management (SIEM, 64%), data loss prevention (DLP, 52%), extended detection and response (XDR, 40%), and threat intelligence services (53%). 

Data from the survey also indicates that security leaders are responding to new threats. For example, interest in data encryption may be driven by the increase in the number of ransomware attacks involving data theft. In the survey, 64% of respondents say they consider log analysis and security information and event management as effective technology to have post-breach, perhaps in response to the growing number of data breaches.