Cisco 2019 CISO Benchmark Study Reports Increased Vendor Consolidation
- Forty-four percent have increased investment in security defense technologies.
- Thirty-nine percent have security awareness training among employees.
- Thirty-nine percent focused on implementing risk mitigation techniques.
- The trend away from point products to vendor consolidation continues— In 2017 54 percent of respondents cited 10 or fewer vendors in their environment. This number has risen to 63 percent.
- In many environments, multiple vendor solutions aren’t integrated, and therefore don’t share alert triage and prioritization. The survey showed that even those CISOs with fewer point solutions could better manage their alerts through an enterprise architecture approach.
- The most collaborative teams lose the least money. Elimination of silos shows a tangible financial upside:
- Ninety-five percent of security professionals reported that their networking and security teams were very or extremely collaborative.
- Fifty-nine percent of those who stated that their networking and security teams were very/extremely collaborative also stated that the financial impact from their most serious breach was under $100,000 – the lowest category of breach cost in the survey.
- There is more confidence in cloud-delivered security and in securing the cloud.
- Ninety-three percent of CISOs reported that migrating to the cloud increased efficiency and effectiveness for their teams.
- The perception of difficulty of protecting cloud infrastructure has decreased—52 percent in 2019 compared to 55 percent in 2017.
- “Cyber fatigue” – defined as virtually giving up on staying ahead of malicious threats and bad actors - is down from 46 percent in 2018 to 30 percent in 2019.
- Employees/users continue to be one of the greatest protection challenges for many CISOs—having an organizational process that starts with security awareness training on day one is essential.
- Only 51 percent rate themselves as doing an excellent job of managing employee security via comprehensive onboarding and processes for transfers and departures.
- Email security remains the number one threat vector.
- Phishing and risky user behavior (e.g. clicking malicious links in email or websites) remains high and is the top concern for CISOs. The perception of this risk has held steady for the past three years between 56 to 57 percent of respondents. Coupled with low levels of security-related employee awareness programs, this represents a possible major gap that the security industry can help address.
- Alert management and remediation remains challenging. A reported drop in remediation of legitimate alerts, 50.5 percent in 2018 to 42.7 percent this year, is concerning given that many respondents are moving toward remediation as a key indicator of security effectiveness.
- Security measurements are changing. The number of respondents who use mean time to detection as a metric for security effectiveness decreased from 61 percent in 2018 to 51 percent in 2019 on average. Time to patch has also dropped in focus from 57 percent in 2018 to 40 percent in 2019. Time to remediate has risen as a success metric: 48 percent of respondents cited this compared to 30 percent in 2018.
- Base security budgeting on measured security outcomes with practical strategies coupled with cyber insurance and risk assessments to guide your procurement, strategy, and management decisions.
- There are proven processes that organizations can employ to reduce their exposure and extent of breaches. Prepare with drills; employ rigorous investigative methods; and know the most expedient methods of recovery.
- The only way to understand the underlying security needs of a business case is to collaborate across siloes – between IT, Networking, Security and Risk/Compliance groups.
- Orchestrate response to incidents across disparate tools to move from detection to response faster and with less manual coordination.
- Combine threat detection with access protection to address insider threat and align with a program like Zero Trust.
- Address the number one threat vector with phishing training, multi-factor authentication, advanced spam filtering and DMARC to defend against Business Email Compromise.
Home >> Banking & Investments Section
Aviation experts at Arabian Travel Market highlight the pivotal role of innovati ...
AlUla recognised with Sustainability Stand Award at Arabian Travel Market 2024
Unlocking the Middle East's Renewable Potential: The Role of Energy Storage
Alexander Mcqueen Ss24 Eyewear Campaign Ft Punk Rivet
South African Tourism Showcases Vibrant Offerings at Arabian Travel Market 2024
Renault Duster: A Standout SUV Choice
New Porsche Taycan Turbo Gt To Debut As Fia Formula E Safety Car At 2024 Sun Min ...
Video content key to engaging Gen Z travellers, say experts at ATM 2024
DIEZ and the Ministry of Investment, Industry, and Trade of the Republic of Uzbe ...
Al Masaood's Auto Central Announces Mega Sale on Certified Pre-Owned Cars
Unforgettable experience for Abu Dhabi visitors and residents at Grand Millenni ...
The Uae Welcomes Future Olympic Sport Flag Football, With First International To ...
Ground Handling Priorities: Safety, Global Standards and Sustainability
French-inspired Monoprix Maison Elevates Shopping in Dubai Hills Mall with Openi ...
UK-based Monument Bank secures funding from Sheikha Amal Bahwan
HMH Achieves Impressive Expansion in KSA, Adding Over 1,000 Rooms
UAE Ministry of Finance Establishes Framework to Enable Sustainable Public-Priva ...
Dubai Department of Economy and Tourism and Emirates deepen partnership to stren ...
Ajman Tourism Goes Global, Signing a Memorandum of Understanding with United Spi ...
Tourism Malaysia Strengthen Ties With West Asia At 31st Arabian Travel Market