Download our in-depth report: The Ultimate Guide to IT Security Vendors
A recent survey of 1,100 senior IT security executives at large enterprises worldwide found that 26 percent of respondents experienced a breach in the past year, and 30 percent classified their organizations as "very vulnerable" or "extremely vulnerable" to cyber attacks.
The 2017 Thales Data Threat Report also found that 73 percent of respondents increased IT security spending in 2017. The top two spending priorities are network protection (62 percent) and endpoint protection (56 percent), while spending on data-at-rest solutions comes last at 46 percent.
"Organizations keep spending on the same solutions that worked for them in the past but aren't necessarily the most effective at stopping modern breaches," 451 Research senior analyst and report author Garrett Bekker said in a statement. "Data protection tactics need to evolve to match today's threats. It stands to reason that if security strategies aren't equally as dynamic in this fast-changing threat environment, the rate of breaches will continue to increase."
Forty-four percent of respondents said meeting compliance requirements is their top spending priority, followed by best practices (38 percent), and protecting reputation/brand (36 percent). Fifty-nine percent of respondents said they believe compliance is "very" or "extremely" effective at preventing data breaches.https://o1.qnsr.com/log/p.gif?;n=203;c=204650394;s=9477;x=7936;f=201801171506010;u=j;z=TIMESTAMP;a=20392931;e=i
When asked about internal threats, 58 percent of respondents said privileged users are the most dangerous insiders, followed by executive management at 44 percent, ordinary employees at 36 percent and contractors at 33 percent.
Forty-four percent of respondents said cyber criminals present the greatest external threat to their organizations, followed by hacktivists (17 percent), cyber terrorists (15 percent) and nation states (12 percent).
Balabit security lead Sandor Balint told eSecurity Planet by email that the best thing most security professionals can do, once they have the basics in place, is to spend money on improving monitoring. "Collect and analyze logs, preferably using tools that allow fast drill-down and also help connect the dots with features such as advanced anomaly detection and behavioral analytics," he said.
"Do vulnerability scans, perform audits," Balint added. "Once you understand what is going on in your organization, you'll know where the risks are and where to spend your next budget dollars. Read reports and vendor recommendations, but know that ultimately the buck stops with you."
A separate survey [PDF] of 200 IT decision makers, conducted by Vanson Bourne for Arctic Wolf Networks, found that even though 100 percent of respondents said their organization's cyber security could improve in one or more areas, 95 percent believe their cyber security posture is between "above average" and "great."
"Most mid-market enterprises believe they are safe because they have the traditional perimeter defenses in place," Arctic Wolf Networks CEO Brian NeSmith said in a statement. "This falls far short of what's needed for rigorous security in today's complex threat environment. The challenge smaller enterprises face is that they have all the same security issues as large enterprises with only a fraction of the budget and less specialized personnel."
Fifty percent of respondents said cyber security is so complex that they don't know where to start to improve their organization's security posture, and 72 percent said their role covers so many different areas that it's hard to focus on security as much as they should.
Seventy-seven percent of respondents said security alerts are investigated after more than an hour, 52 percent said they're investigated after more than a day, and 50 percent said security alerts are investigated "when IT staff have time."