Cribl releases State of Security Data Management Report 2022

Despite dozens of tools and external vendors, 2 in 3 organisations believe their data strategy isn't sustainable beyond three years according to Cribl.

Data management company Cribl, in collaboration with CITE Research, has released the State of Security Data Management 2022. The industry-wide report examines the primary cybersecurity challenges that enterprises are facing in the midst of hybrid work mandates, ongoing digital transformation efforts, and rapidly growing data volumes. Conducted in September 2022, the report surveyed 1,000 senior-level IT and security decision-makers.

Key findings from the research:

  • Two in three organisations believe their data management strategy isn't sustainable beyond three years, with one-third of organizations acknowledging that it's sustainable for less than one year, which could impact both threat visibility and attack response time.
  • 63% currently use more than 25 tools for data visibility and control, with more than 40% planning to add more tools in the next 12-24 months––as the majority of organisations are now managing more than 30 data sources.

"We all know cybersecurity teams are under incredible pressure, but what these results indicate is that beneath the surface of what the headlines espouse — sophisticated attackers, expanding attack surface, skills shortages — lies a more entrenched problem for cybersecurity teams: data," said Clint Sharp, CEO and co-founder of Cribl. "Practitioners are drowning in a deluge of data while managing dozens of tools and external vendors, limiting organisations' visibility and hindering their ability to swiftly respond to potential threats. But there's a light at the end of the tunnel: We're trending towards greater collaboration between IT and security teams and increased interoperability between tools, which will boost the cybersecurity industry in coming years."

Additional findings include:

  • Despite acknowledging that their data management strategies are not sustainable, 92% of organisations state that they are confident in their current strategy.
  • Nine in 10 respondents indicated that IT and security teams are now working closely together, and rely on the same information and tools in their day-to-day operations.
  • Though historically hesitant to outsource cybersecurity operations, nearly 70% of organisations have an internal incident response and an external managed detection and response (MDR) provider.
  • 53% of organisations believe greater control over their data would improve response and remediation time, 52% believe it would improve threat visibility, and 50% believe it would improve alert management.
Share

Featured Articles

Top 10 open-source intelligence platforms for amateur spies

Cyber Magazine looks at some of the websites, apps and code that allow regular web users to investigate bugs and hacks using open-source intelligence

Testing time for British intelligence search for girl power

More than 8,700 girls set to take part in a contest which seeks to inspire young women to pursue cyber careers and create lasting change in the industry

One in five business leaders fear cybersecurity “inside job”

Business leaders worry about the threat from within, with 71% convinced their next big cybersecurity event will be caused by an employee, new survey claims

GCHQ says UK under attack from groups in Russia and Iran

Operational Security

ICYMI: Spoofing plane dangers and “terrorism on steroids”

Network Security

FBI turns tables on hackers in ransomware “cyber stakeout”

Network Security