Story image

Report: Cybersecurity pressures on the rise - but there is a solution

06 Aug 2018

In our increasingly digital world, every advance we make is often accompanied by a new avenue for cybercrime.

This has made way for a lucrative cybersecurity industry with an insatiable appetite for new recruits, presenting great opportunities for security professionals – but also great responsibility.

Hence why Trustwave conducted its comprehensive 2018 Security Pressures report of 1,600 in-house cybersecurity professionals around the world to determine how much stress they are actually under and whether it is on the rise.

The short answers? A lot and yes.

Click here to download the full Trustwave 2018 Security Pressures report.

The annual report found that the majority of respondents (54 percent) experienced more security pressures than the year before – the fifth consecutive year pressures have increased.

Trustwave managed security vice president  (APAC) Sam Julien says he doesn’t expect this to be changing anytime soon.

“As long as cybercrime remains a massively profitable industry, it will, just like legitimate industries, continue to evolve through adaptation and innovation," says Julien.

In terms of greatest concerns at the operational level, advanced security threats like sophisticated malware and zero-day vulnerabilities topped the list with 26 percent, followed by lack of budget with 17 percent, and lack of skilled security expertise at 16 percent.

Breaking it down to the most pressure-inducing security threats, phishing attacks were the decisive riser after increasing from eight percent to 13 percent in line with the increased sophistication of social engineering attacks.

However, preventing malware (including ransomware) retained its position as the top inducer of stress with 22 percent, following by identifying vulnerabilities at 17 percent.

And so the question arises, within the organisations who are applying the most pressure? 39 percent of respondents assert it’s coming from C-level executives, board members and business owners, while 27 percent say it’s from direct managers.

Click here to find out more.

However, it’s not all doom and gloom. Despite feeling more pressure, 54 percent of respondents say they’re actually more confident than they were five years ago in their ability to secure their organisation. Furthermore, 42 percent (an eight percent rise from the year before) felt less pressure to roll out projects before security concerns were addressed.

And finally, organisations are acting on these burdens as one of the fastest growing responses to swelling security pressures is the increased adoption of managed security models that offer a host of technology solutions and expertise on demand.

33 percent of respondents are already partnered with a managed security services provider (MSSP), while a further 45 percent plan to in the future. The top three reasons for taking this path are skill shortages with 31 percent, deploying and operating hard to use security technologies at 30 percent, and assisting with security automation at 28 percent.

“As this year’s report depicts, it’s this continuous advancement of the threat landscape, coupled with internal resource constraints, that's racketing up the pressure for those charged with securing assets,” says Julien.

“But it is encouraging that findings also suggest organisations are shifting away from treating security as an afterthought to focus on practices such as secure code development, frequent security testing, and bolstering internal capabilities through managed service models to ease pressure.”

It is certainly promising to see that more businesses are latching onto the MSSP model as it can (as long as it’s with the right provider) greatly enhance internal security teams who are most likely already time and resource depleted.

Now more than ever it’s vital for security teams to fight fire with fire.

The full 2018 Security Pressures Report from Trustwave includes:

  • Which security threats are turning up the heat
  • Your biggest worries following an attack or breach
  • Which compliance mandates have you on edge
  • Two areas where you have pushed back against the pressure
  • Your biggest security wishes for the year ahead

Click here to download and read the full report.

Privacy: The real cost of “free” mobile apps
Sales of location targeted advertising, based on location data provided by apps, is set to reach $30 billion by 2020.
Forrester names Crowdstrike leader in incident response
The report provides an in-depth evaluation of the top 15 IR service providers across 11 criteria.
Norwegian aluminium manufacturer hit hard by LockerGoga ransomware attack
“IT systems in most business areas are impacted and Hydro is switching to manual operations as far as possible.”
Slack doubles down on enterprise key management
EKM adds an extra layer of protection so customers can share conversations, files, and data while still meeting their own risk mitigation requirements.
Security professionals want to return fire – Venafi
Seventy-two percent of professionals surveyed believe nation-states have the right to ‘hack back’ cybercriminals.
Alcatraz AI to replace corporate badges with AI security
The Palo Alto-based startup supposedly leverages facial recognition, 3D sensing, and machine learning to enable secure access control.
Unencrypted Gearbest database leaves over 1.5mil shoppers’ records exposed
Depending on the countries and information requirements, the data could give hackers access to online government portals, banking apps, and health insurance records.
Mozilla launches Firefox Send, an encrypted file transfer service
Mozille Firefox has launched a free encrypted file transfer service that allows people to securely share files from any web browser – not just Firefox.