CDW Survey Surfaces Cybersecurity Tool Sprawl Challenges
A survey of 950 IT and security professionals finds more than two-thirds (68%) manage between 10 to 49 security tools or platforms, with 40% noting it is either very (8%) or somewhat difficult (32%) to integrate these tools.
Conducted by CDW, the survey also finds that 27% are experiencing budgetary challenges as they seek to maintain cybersecurity. A quarter of respondents (25%) report their cybersecurity teams are understaffed. Additionally, 45% attributed the majority of their stress to staffing issues. Overall, 41% said they were either very or somewhat stressed by their cybersecurity responsibilities.
Just under half (49%) of the IT and security professionals said they feel their organization is very prepared to respond to a cybersecurity incident, with another 32% feeling somewhat prepared. Network monitoring (89%), data security tools (87%) and encryption (85%) rank as the capabilities that respondents said they have the most confidence in. A full 88% said they are either somewhat (38%) or very confident (50%) that they have sufficient visibility into cybersecurity, with 61% noting they consider identity access management (IAM) an effective method for attaining that visibility.
Forty-one percent report being in the advanced stages of implementing zero-trust policies, and another 12% claim to have reached an advanced state of maturity.
Nevertheless, 43% said their organization had experienced a security breach that caused downtime and cost them between $1 million and $10 million. Another 8% said an incident cost their organization more than $10 million.
The survey also finds that 61% noted that insurance policy requirements now heavily influence their organization’s cybersecurity strategy. Just under a third (29%) said that the executive responsible for cybersecurity reports to the CEO.
Finally, just over a quarter of respondents (26%) work for organizations that consume managed security services.
Stephanie Hagopian, vice president of security for CDW, said organizations are relying on a mix of services, tools, and platforms to maintain cyber resiliency. There is no one solution, she added.
However, cybersecurity teams are better aligned with business strategy, as organizations balance their investment levels and the risks the business faces, said Hagopian. In fact, CISOS have never had more access to CEOs and boardrooms than they do today, she noted.
The challenge, as always, is proving that the tools, platforms, and services are making a difference. Many business leaders wonder why breaches still occur despite all the cybersecurity investments. Those executives need to be reminded that cybersecurity strategies and investments need to evolve as adversaries continuously adopt new tactics and techniques.
In the meantime, there will always be a need for additional capabilities to combat new threats, the latest of which is artificial intelligence (AI). Fortunately, AI can benefit defenders as much as their adversaries. The issue now is marshalling the resources required to achieve that goal before cybercriminal syndicates and nation states leverage AI to launch more sophisticated attacks at levels of unprecedented scale.
Photo credit: Francisco Moreno on Unsplash
Recent Articles By Author