Data management company Cribl, in collaboration with CITE Research, has released the State of Security Data Management 2022. The industry-wide report examines the primary cybersecurity challenges that enterprises are facing in the midst of hybrid work mandates, ongoing digital transformation efforts, and rapidly growing data volumes. Conducted in September 2022, the report surveyed 1,000 senior-level IT and security decision-makers.
Key findings from the research:
- Two in three organisations believe their data management strategy isn't sustainable beyond three years, with one-third of organizations acknowledging that it's sustainable for less than one year, which could impact both threat visibility and attack response time.
- 63% currently use more than 25 tools for data visibility and control, with more than 40% planning to add more tools in the next 12-24 months––as the majority of organisations are now managing more than 30 data sources.
"We all know cybersecurity teams are under incredible pressure, but what these results indicate is that beneath the surface of what the headlines espouse — sophisticated attackers, expanding attack surface, skills shortages — lies a more entrenched problem for cybersecurity teams: data," said Clint Sharp, CEO and co-founder of Cribl. "Practitioners are drowning in a deluge of data while managing dozens of tools and external vendors, limiting organisations' visibility and hindering their ability to swiftly respond to potential threats. But there's a light at the end of the tunnel: We're trending towards greater collaboration between IT and security teams and increased interoperability between tools, which will boost the cybersecurity industry in coming years."
Additional findings include:
- Despite acknowledging that their data management strategies are not sustainable, 92% of organisations state that they are confident in their current strategy.
- Nine in 10 respondents indicated that IT and security teams are now working closely together, and rely on the same information and tools in their day-to-day operations.
- Though historically hesitant to outsource cybersecurity operations, nearly 70% of organisations have an internal incident response and an external managed detection and response (MDR) provider.
- 53% of organisations believe greater control over their data would improve response and remediation time, 52% believe it would improve threat visibility, and 50% believe it would improve alert management.