Traditional Methods vs. Modern Threats

A recently compiled study of 200 IT security decision-makers of corporations with over 1000 employees in the UK has revealed that 89 per cent class traditional approaches as inadequate against the modern threats.

Inadequate Needs

Vectra, a threat detection and response outfit, also disclosed that 76 per cent of IT decision-makers have invested in tools that have been inadequate for the needs of the company, providing poor integration, failure of threat detection and zero visibility.

69 per cent of those studied disclosed that they believed they had been breached or don’t know if they have, and a third stated that chances are likely. Many of those studied believe that cybercriminals can leapfrog currently available tools and that innovations in security are years behind the more advanced hackers.

Positive Spin

Whilst this was cause for concern, the more positive reflection was that 90 per cent of those studied have said that recent high-profile attacks have resulted in boards taking the proper steps towards stricter cybersecurity measures.

With 68 per cent unveiling the truth of how hard it is to communicate with board members on the value of security, a higher percentage now invest more in detection as well as protection – which suggests a positive shift away from the prevention-first mentality that was a higher standard previously.

As the threat landscape rapidly evolves, traditional defences are proving even more ineffectual. Organizations now require more modern tools to be able to shine a light into the blind spots to deliver better visibility from cloud to on-premise. The combination of needing boards that will listen and be active, and a technology strategy based around understanding it is a case of when it will happen, not if.

Concerns of Understanding

58 per cent have concerns over legislators being ill-equipped to make decisions around cybersecurity matters and wish for more industry input and collaboration. Respondents argue that regulators don’t have a good understanding enough to be able to write laws for cybersecurity professionals.

As the security landscape rapidly evolves and gains new levels of complexity, unfortunately – the advantage lays with cyber hackers. Security leaders are required to step up and adopt fresher approaches in security around detection and response, and the will to step away from prevention-first strategies.

The need for greater communication and consultation amongst the board and regulators will ensure all parties are reading from the same script, creating the right conditions for effective cyber-risk management.

For more information on enterprise security and any IT Security events 2022, check out the upcoming events from Whitehall Media.