Study: Overconfident organisations prone to cyber breaches
Organisations with a false sense of security when it comes to cybersecurity could be more prone to breaches, according to a report by independent leader in detection and response services Adarma.
The report, ‘A False Sense of Cybersecurity: How Feeling Safe Can Sabotage Your Business’, examines critical aspects of security operations like confidence levels, ‘tool sprawl’, the use of AI and the productivity and well-being of security teams.
Based on a survey of 500 cybersecurity professionals from UK organisations with at least 2,000 employees, Adarma found that 95% of enterprises are ‘very confident’ (53%) or ‘somewhat confident’ (42%) that they do not have gaps in their security controls coverage. Yet, two-thirds (68%) have fallen victim to a cyber-attack in the last two years.
Confidence levels rise with increase in security tools
One possible reason for this disconnect could be the belief that having more security tools leads to better protection for the organisation. The research indicated that confidence levels tended to rise alongside the number of security tools used, as did the chances of experiencing a security breach.
“Unfortunately, the proliferation of cybersecurity products and services has misled many into believing that they are the cure-all to our cybersecurity woes; in fact, it has introduced more complexity and confusion,” said John Maynard, Adarma’s CEO. “More tools do not guarantee protection if they are not properly configured and talking to each other or, for example, if organisations don’t have the expertise to manage incoming alerts appropriately. Ultimately, technology is only as good as the people who are deploying, integrating and optimising it.
Organisations encounter various difficulties when attempting to consolidate their technology stack. According to the survey, 45% struggle with implementation due to its complexity and the need for expertise. Another 43% mention the difficulty in optimising and utilising technology to its fullest potential. Additionally, 40% express concern about becoming dependent on a single vendor.
Adarma recommends that organisations adopt a comprehensive approach to security by considering the complete security technology lifecycle, as well as the required individuals and procedures for integration, configuration, and optimisation. Sufficient resources and capabilities should be assigned to effectively manage security tools.
Additionally, prioritising the consolidation of the security stack can improve efficiency and visibility. However, Adarma warns organisations should proceed cautiously by defining desired business outcomes and having an independent security architect lead the consolidation project.
Security leaders must trust both people and technology, acknowledge gaps in controls, and avoid overconfidence in security.
“By consolidating the tech stack, organisations stand to gain greater visibility over their application estate, allowing for more effective resourcing, more centralised competencies, and reduced digital fragmentation,” Maynard concludes. “But again, successfully making that transition without compromising the organisation’s cyber resilience comes down to having the right people with the know-how.”
******
For more insights into the world of Cyber - check out the latest edition of Cyber Magazine and be sure to follow us on LinkedIn & Twitter.
Other magazines that may be of interest - Technology Magazine | AI Magazine.
Please also check out our upcoming event - Cloud and 5G LIVE on October 11 and 12 2023.
******
BizClik is a global provider of B2B digital media platforms that cover Executive Communities for CEOs, CFOs, CMOs, Sustainability leaders, Procurement & Supply Chain leaders, Technology & AI leaders, Cyber leaders, FinTech & InsurTech leaders as well as covering industries such as Manufacturing, Mining, Energy, EV, Construction, Healthcare and Food.
BizClik – based in London, Dubai, and New York – offers services such as content creation, advertising & sponsorship solutions, webinars & events.
