As outlined in CISOs’ Toughest Dilemma: Prevention Is Faulty, yet Investigation Is a Burden, the cybersecurity tech company quizzed 1050 people responsible for purchasing IT security within companies in the US and Europe to explore CISOs’ needs in the prevention-detection-response-investigation era.
The research showed how a lack of visibility, speed and personnel affects the development of stronger security practices in companies, leaving CISOs feeling over-burdened and under-resourced: almost 70% of respondents stated their team is under-resourced and 72% admitted their team had experienced agent and alert fatigue.
What’s more, 50% of CISOs said their organization suffered a breach in the past 12 months, whilst one in sixth of those did not know how the breach occurred. That concerning trend looks set to continue too, with a quarter of all respondents saying their company is likely to face an ongoing security breach without them knowing it.
“Today’s resource- and skill-constrained IT security teams need an endpoint detection and response (EDR) approach that allows for less human intervention and a higher level of fidelity in incident investigations,” Bitdefender’s VP of enterprise solutions Harish Agastya said. “EDR for everyone can be achieved through a funnel-based approach of prevention-detection-investigation-response, leaving the EDR layer to focus on threats further down the funnel in the unknown or potential threat category, and IT teams to focus solely on the alerts and tasks that are truly significant.”
Speaking to Infosecurity Adrian Davis, director of cybersecurity advocacy for EMEA, (ISC)2 added that the continuing cyber-skills shortage is often portrayed as being caused by a supply-side problem, but recent research indicates it is also a failure of talent retention.
“Part of the solution to this is to realize that cyber-threats are now a key business risk comparable to financial and legal risks and thus make it part of the central risk management strategy, giving cyber professionals a vital role to play and a stronger voice within the organization.
“Organizations must get more creative at recruiting cyber professionals and change their recruitment checklist and interview process to look for attributes and skillsets, rather than previous experience. Recruiting exclusively from people with previous experience not only means failing to diversify the workforce, but it also means fishing in a very shallow pool of talent.”