Enterprises may be allocating more IT dollars toward cybersecurity, but security leaders are still trying to figure out what kind of technology controls to spend the money on. Data from Dark Reading’s 2021 Strategic Security Survey suggests that security leaders perceive both sets of technologies – prevention and detection – as being an important part of implementing multilayered security defenses. Even though the threat landscape and vulnerabilities have changed over the past year-and-a-half, security strategies remain largely unchanged, and security leaders appear to be focusing on tools to implement security strategies around multifactor authentication (MFA), threat intelligence analysis, and incident response.
The data shows 69% of respondents consider MFA to be an effective cybersecurity practice, followed by 61% for security awareness training and 58% for threat intelligence analysis. An increase in data breaches and other security incidents continue to spur interest in developing incident response capabilities, according to 60% of respondents. In addition, concern over the growing sophistication of malware tools appears to be driving interest in the need for malware analysis to dealing with modern threats, according to 66% of respondents.
There is also a growing interest in source code auditing and establishing secure development processes, with 49% of respondents considering these part of an effective security practice.
While security leaders are looking at technologies for both preventing and block attacks, as well as those for detecting and responding to breaches as they happen, there is still a slight preference for perimeter-focused attack prevention controls, the data shows.