New study finds IT professionals lack confidence in their ability to detect and contain cyber breaches

LogRhythm has released its annual benchmark survey, which measures the cybersecurity perceptions and practices of organisations in the United States, United Kingdom and Asia-Pacific regions.

By Imogen Hargreaves Apr 06th 2018

LogRhythm has released its annual benchmark survey, which measures the cybersecurity perceptions and practices of organisations in the United States, United Kingdom and Asia-Pacific regions.

Among its top findings, the study found that less than half of all organisations were able to detect a major cybersecurity incident within one hour. Even more concerning, less than one-third said that even if they detected a major incident, they would be unable to contain it within one hour.

The study, conducted by Widmeyer, which surveyed 751 IT decision makers from the US, UK and Asia/Pacific, also revealed that a majority of organisations are only moderately confident in their ability to protect their companies against hackers.

“Cyber threats continue to grow in volume and intensity. Seemingly every month, another massive security breach dominates headlines,” said Joanne Wong, Senior Regional Director for Asia Pacific & Japan at LogRhythm. “To combat these threats, organisations need to carefully plan their budgets and strategies, while developing effective programs that tackle specific threats and keep them one step ahead of cyberattackers.”

Many companies are focused on growing their security maturity, and team size is an important indicator. The survey revealed that, on average, companies employ 12 cybersecurity professionals in their organisation. However, more than half of the respondents said that they employ 10 or fewer professionals on their teams.

Special threat detection programs are another indicator of security maturity. This study found that more than 70% of respondents have programs in place to detect specific threats such as ransomware, insider or employee threats and denial of service attacks. More than a quarter deploy at least 10 security software solutions to manage security threats.

When it comes to confidence levels, about half of security decision makers believe that a determined hacker can still breach their organisation. Over one-third reported that their company has experienced a breach in the last year - ranging from 29% in the United States to 39% in the Asia-Pacific region.

When asked about the level of confidence, these decision makers revealed that they are only moderately confidence in their cybersecurity measures and abilities. Similarly, most IT executives are only somewhat confident that their security software can detect all major breaches. Likewise, they are only moderately confident that they can protect their companies from hackers.

There are many factors that enable a security team to quickly detect and respond to an incident, including technology, process, programs and people. When it comes to technology, a strong majority of IT executives said that a platform for security management, analysis and response is beneficial.

When asked to consider how their organisation is operating from a Threat Lifecycle Management perspective, IT executives were not overly optimistic. About a third of all respondents reported that they need help at virtually all stages in the TLM framework, especially detecting, investigating, neutralising and recovering from cyberthreats.

Security organisations need adequate funding to effectively fight cybercrime. However, the study found that the percentage of resources allocated to cybersecurity from the overall IT budget is often on the lower side. Overall, one-third of executives allocate 10% or less of their IT budget to security. When asked about their comfort level with security funding, 57% of IT executives indicated they are moderately comfortable with their companies level of security funding; however, nearly a quarter said they are not comfortable.