sb-nz logo
Story image

Report: Cybersecurity pressures on the rise - but there is a solution

06 Aug 2018

In our increasingly digital world, every advance we make is often accompanied by a new avenue for cybercrime.

This has made way for a lucrative cybersecurity industry with an insatiable appetite for new recruits, presenting great opportunities for security professionals – but also great responsibility.

Hence why Trustwave conducted its comprehensive 2018 Security Pressures report of 1,600 in-house cybersecurity professionals around the world to determine how much stress they are actually under and whether it is on the rise.

The short answers? A lot and yes.

Click here to download the full Trustwave 2018 Security Pressures report.

The annual report found that the majority of respondents (54 percent) experienced more security pressures than the year before – the fifth consecutive year pressures have increased.

Trustwave managed security vice president  (APAC) Sam Julien says he doesn’t expect this to be changing anytime soon.

“As long as cybercrime remains a massively profitable industry, it will, just like legitimate industries, continue to evolve through adaptation and innovation," says Julien.

In terms of greatest concerns at the operational level, advanced security threats like sophisticated malware and zero-day vulnerabilities topped the list with 26 percent, followed by lack of budget with 17 percent, and lack of skilled security expertise at 16 percent.

Breaking it down to the most pressure-inducing security threats, phishing attacks were the decisive riser after increasing from eight percent to 13 percent in line with the increased sophistication of social engineering attacks.

However, preventing malware (including ransomware) retained its position as the top inducer of stress with 22 percent, following by identifying vulnerabilities at 17 percent.

And so the question arises, within the organisations who are applying the most pressure? 39 percent of respondents assert it’s coming from C-level executives, board members and business owners, while 27 percent say it’s from direct managers.

Click here to find out more.

However, it’s not all doom and gloom. Despite feeling more pressure, 54 percent of respondents say they’re actually more confident than they were five years ago in their ability to secure their organisation. Furthermore, 42 percent (an eight percent rise from the year before) felt less pressure to roll out projects before security concerns were addressed.

And finally, organisations are acting on these burdens as one of the fastest growing responses to swelling security pressures is the increased adoption of managed security models that offer a host of technology solutions and expertise on demand.

33 percent of respondents are already partnered with a managed security services provider (MSSP), while a further 45 percent plan to in the future. The top three reasons for taking this path are skill shortages with 31 percent, deploying and operating hard to use security technologies at 30 percent, and assisting with security automation at 28 percent.

“As this year’s report depicts, it’s this continuous advancement of the threat landscape, coupled with internal resource constraints, that's racketing up the pressure for those charged with securing assets,” says Julien.

“But it is encouraging that findings also suggest organisations are shifting away from treating security as an afterthought to focus on practices such as secure code development, frequent security testing, and bolstering internal capabilities through managed service models to ease pressure.”

It is certainly promising to see that more businesses are latching onto the MSSP model as it can (as long as it’s with the right provider) greatly enhance internal security teams who are most likely already time and resource depleted.

Now more than ever it’s vital for security teams to fight fire with fire.

The full 2018 Security Pressures Report from Trustwave includes:

  • Which security threats are turning up the heat
  • Your biggest worries following an attack or breach
  • Which compliance mandates have you on edge
  • Two areas where you have pushed back against the pressure
  • Your biggest security wishes for the year ahead

Click here to download and read the full report.

Story image
Ripple20 threat has potential for 'vast exploitation', ExtraHop researchers find
One in three IT environments are vulnerable to a cyber threat known as Ripple20. This is according to a new report from ExtraHop, a cloud-native network detection and response solutions provider. More
Story image
Got crypto? Pay tax – A quick look at IR's new crypto-asset guidance
Inland Revenue's new guidance aims to provide more certainty for New Zealand taxpayers who hold crypto-assets, and to help people ‘get things right from the start’.More
Link image
DevOps teams struggling to achieve enterprise scale - tips for enablement
Christian Oestreich, a senior software engineering leader with experience at multiple Fortune 500 companies, shares how a metrics-driven mindset can dramatically improve software quality and enable DevOps at enterprise scale.More
Link image
Data is an organisation's most significant asset - here's how to protect it
Data resilience strategies are becoming more crucial as more value is ascribed to a company's data. If it's not stored securely and cost-effectively, expect problems.More
Story image
The SASE triangle: How a CASB protects managed apps
Enterprises that fail to adapt to the modern business world when it comes to security are likely to fall prey to data breaches and experience a host of other problems, writes Bitglass product marketing manager Will Houcheime.More
Story image
NortonLifeLock introduces dark web monitoring to its security suite
Dark Web Monitoring Powered by LifeLock will be capable of monitoring the dark web, searching for over 120 personal identifiable information including email, physical address, phone number, driver licence number, credit card or bank account numbers and gamer tags.More