Businesses investing in ‘outdated’ cyber security

0

With security innovation years behind that of the attackers, prevention-centric approaches no longer serving businesses, and the role of boards and legislation more important than ever, Vectra AI research shows the ‘game needs to be changed’

Today’s organisations are continuing to fail by tackling complex, modern cyber threats using outdated methods amid significant changes taking place in today’s threat landscape.

Vectra’s Security Leaders Research Report found that legacy thinking has security leaders and businesses investing in solutions that rely on outdated approaches, and the debate between detection versus prevention solutions coming to a head.

The report, which is part of a larger global study of 1800 security decision makers conducted by Sapio Research, shares insights from 200 IT security decision makers working at organisations with more than 500 employees in the Australia and New Zealand region.

Of those surveyed, 85% think traditional approaches don’t protect against modern threats and that ‘the game needs to be changed’ when it comes to dealing with attackers, which is in line with 89% globally.

The report reveals how security leaders believe legacy tooling and thinking is impeding organisations from protecting against modern threats, and that a new approach is needed to detect and stop attacks that leapfrog current legacy tools.

Key findings include:

  • The majority (85% ANZ, 83% global) agreed that traditional approaches don’t protect against modern threats, and only 40% were confident their security tools would protect against sophisticated attacks
  • More than half of security decision makers (58% ANZ, 79% global) reported they purchased a security solution that has failed on at least one occasion
  • More than half (60% ANZ, 64% global) are worried their tools have missed something, and 57% feel it’s possible or likely they’ve been breached while being unaware of it happening
  • 86% believe cybersecurity decisions made by the C-Suite are influenced by relationships with legacy vendors (83% global), and 45% (54% global) said they are a decade behind on security discussions
  • Of those who’ve read regulatory guidance, 93% found it at least somewhat useful, and 80% feel regulators have a strong enough understanding of the harsh realities that security teams face.

“New technology is coming into the market, but effectively protecting against threats requires a mindset shift,” says Vectra Director of Security Engineering APJ, Chris Fisher.

“We need to sit back and say, what do we need to be doing differently? We need to consider how we can push the boundary and take us one step ahead of where attackers are at.

“Now we can begin to look at detection and response, and the likes of machine learning to help drive mundane tasks and better understand attacker behaviour, which is far more beneficial than understanding the attacker themselves.

“From here we can move into testing, seeing what works in our environment, and building up that layered defence.”

Overall, security leaders are resigned to the fact that attackers are now one step ahead. This is highlighted by the fact that most respondents to the survey were aware their security tools were failing them, or were ineffective, leading to ongoing worry about missing threats or attacks until it’s too late.

Highlighting the propensity with which incidents are occurring, 75% stated they’ve experienced a significant security event that required an incident response effort, with alerts from security tools the most common way incidents are discovered.

In the ANZ region, poor integration was commonly cited as the number one issue (45%), followed by failure to detect modern attacks at 44% and lack of visibility across all environments at 43%. On a global scale, the most commonly experienced issue at 38% was failure to detect modern attacks.

Legacy thinking, ineffective investment into solutions and lack of awareness of boards are crucial and ongoing challenges security teams and leaders are facing.

On the positive side, changes are taking place as the nature and reality of threats becomes more apparent.

The survey found that in ANZ, recent high-profile attacks have meant the board is starting to take proper notice of cybersecurity (88%). This is a positive indication that boards may become security leaders’ greatest allies.

However, the survey also shows that traditional top-down ways of thinking and corporate culture can also have a negative impact. In fact, 86% believe that the cybersecurity decisions their boards make are influenced by existing relationships with legacy vendors, and 45% said the board is a decade behind when it comes to discussions on security.

“Legacy choices are the safe choice, so when we think about the traditional viewpoint that many boards may have, it makes sense as they’re generally risk averse,” Fisher says.

“Unfortunately, this is no longer a stance that makes sense with the threats we’re facing today. No one likes hearing ‘we’re going to get breached’ but these honest conversations are the ones we need to be having so we can be prepared, and we can come to grips with the challenges and how we can meet them.

“Security leaders must take on the role of raising awareness, not only within their teams but at a board level. The decisions and thinking at the top will set the overall tone and direction, so this is a crucial piece of any security strategy.”

 

Download Vectra’s Security Leaders Research Report here.

Share.