Back to Blog ブログ一覧へ戻る

New Research Uncovers How
Top Security Teams Detect Cyberthreats

By
Garry Veale
|
December 2, 2021

I don’t know about you, but I’d sure like to know what many of the top security pros around the globe are doing to keep pace with today’s cyberthreats? And that’s exactly why we recently worked with Sapio Research to uncover how hundreds of cybersecurity decision makers are currently addressing threats like ransomware, account takeovers and the wide variety of cloud risks associated with today’s threat landscape. Not only did they open their security playbooks, but also shared some of the immediate changes’ organisations should consider if they want their environments to remain free of cybercriminal activity.  

All the findings are available in our report: Fit for Purpose or Behind the Curve? Uncovering how today’s organisations are tackling complex, modern cyberthreats.

Make sure to download the free report, but for now — let’s dive into some of the findings that really stood out.  

89% of security leaders say legacy approaches miss against modern cyberthreats

Take one glance at this lopsided percentage and it’s clear that security leaders have no interest in any legacy that’s being left by relying only on traditional security tools to stop threats. This is of course referring to perimeter-based security solutions that organisations have deployed for decades to keep cybercriminals from entering their enterprise. While prevention is still an important piece to a security strategy, criminals have proven that they’ll gain access regardless of what you put in front of them as a deterrent—they’ll just go through the side gate, window, cat flap or any other crack you’ve left open.

In addition to the improbable ability for organisations to lock down a network perimeter that no longer exists, security leaders also cite several other reasons as to why security tools fail to deliver—poor integration with other tools, failure to detect modern threats and the inability to drive visibility and security across today’s environments.

And while 89% of security leaders expressed that legacy protection strategies don’t provide all the coverage needed; this doesn’t necessarily mean that innovation is lacking in cybersecurity. In fact, the opposite is true, and that’s why so many of the top security leaders are deploying tools and technologies into their already-existing strategy that can keep up with the innovation we’re seeing from cybercriminals. Surprise, surprise — it’s no longer just a prevention.

54% of security leaders spend more on detection and response than on prevention

Yes, you read that right—security leaders that aren’t investing as much in detection and response as they are on prevention, are now in the minority. Overall, this is a great sign that organisations are recognizing the need to have coverage beyond the perimeter. It’s also a bad sign for cybercriminals because the more we see companies incorporate innovative detection and response tools into their strategy, the less success criminals will have launching attacks.

A few years ago, this was simply not the case. Even if we just rewound three years, we’d be looking at scale that heavily tipped towards many organisations being firmly set on prevention as their primary defense strategy. Security teams deserve credit for recognizing the need to change and then adapting to the methods attackers are using to leapfrog prevention. According to the respondents of this report, 69% believe cybercriminals can get around traditional tools, so it’s not all that surprising that the tone has changed. Security leaders are more aware than ever that having the capabilities deployed to detect and stop attacker motions inside an environment can make all the difference between stopping an attack and suffering a breach.

So, while cybercriminals continue to come up with innovative methods to bypass prevention technologies such as multi-factor authentication (MFA), we’re also seeing encouraging evidence that security teams are adjusting their philosophies for the better. Simply put, there are just too many attack vectors for criminals to gain access these days. Getting the basics right on the prevention side should still be a priority and every organisation should always try their best to keep criminals out, but we also must assume that a persistent adversary can still get in. The shift we’re seeing in security spending is a telling sign and could be a reflection that more leaders are recognizing the need to do both—prevent adversaries from getting in, but also have a way to stop them if and when they do.

In addition to the highlights mentioned above, our report, Fit for Purpose or Behind the Curve covers many other cybersecurity trends and challenges organizations are facing today. Make sure you download the full report to see how security leaders are addressing the most complex cyberthreats.