LogRhythm, the security intelligence company, has released its annual benchmark survey, which measures the cybersecurity perceptions and practices of organisations in the United States, United Kingdom and Asia-Pacific regions.
Among its top findings, the new research study, Cybersecurity: Perceptions & Practices, found that less than half of all organisations were able to detect a major cybersecurity incident within one hour.
Even more concerning, less than one-third said that even if they detected a major incident, they would be unable to contain it within one hour.
The study, conducted by Widmeyer, which surveyed 751 IT decision-makers from the US, UK and Asia-Pacific, also revealed that a majority of organisations are only moderately confident in their ability to protect their companies against hackers.
Matt Winter, VP of Marketing and Business Development at LogRhythm, said: “Cyberthreats continue to grow in volume and intensity. Seemingly every month, another massive security breach dominates the headlines.
“To combat these threats, organisations need to carefully plan their budgets and strategies, while developing effective programmes that tackle specific threats and keep them one step ahead of cyber attackers.”
The current state of security maturity
Many companies are focused on growing their security maturity and team size is an important indicator. The survey revealed that, on average, companies employ 12 cybersecurity professionals in their organisation. However, more than half of the respondents said they employ 10 or fewer professionals on their teams.
Special threat detection programs are another indicator of security maturity. This study found that most decision-makers – more than 70% of respondents – have programs in place to detect specific threats, such as ransomware, insider or employee threats and denial of service attacks.
The majority of IT decision-makers – 95% – also use security software to prevent and react to threats. More than one-quarter deploy at least 10 security software solutions to manage security threats.
Level of security confidence
When it comes to confidence levels, about half of security decision-makers believe a determined hacker can still breach their organisation. More than one-third reported that their company had experienced a breach in the past year – ranging from 29% in the United States to 39% in the Asia-Pacific region.
Ability to respond to cyberthreats
There are many factors that enable a security team to quickly detect and respond to an incident. Such factors include technology, process, computer programs and people. When it comes to technology, a strong majority (nearly 80%) of IT executives said that a platform for security management, analysis and response is beneficial – though only around one-third rated such a platform as very beneficial. This response may reinforce the notion that true security confidence cannot be created with technology alone.
Click below to share this article
