91 Percent of Cybersecurity Executives Believe Achieving Complete Breach Intolerance is Important, Yet Majority Lack Staffing or Expertise to Respond to Targeted Attacks, Independent Research Finds
Over a quarter of survey respondents are targeted daily by criminal or nation-state organizations, with 64 percent fearful that their next attack could cause severe reputational and financial loss.
ARLINGTON, VA – Aug. 10, 2017 – Endgame, the company reshaping endpoint security by delivering a converged endpoint platform to stop targeted attacks, today announced the results of its latest commissioned research study, “Achieve Complete Breach Intolerance Through SOC Transformation,” conducted by Forrester Consulting. The study aggregates insight from over 150 security decision makers from large US enterprises in technology, financial services, oil and gas, and energy industries. The results reveal that the number one priority for security executives is achieving complete breach intolerance, which requires fundamental changes to their staff’s skillsets, processes and tools.
The results point to the following trends:
A majority (64 percent) of executives surveyed are concerned that the next breach or attack they experience could be severe, a fear that is coupled with the fact that decision makers do not know the system or the vector that will be attacked next.
Many security executives (60 percent) are working on expanding or upgrading their current SOC deployment. Enterprises need their SOCs to be working at peak performance, evidenced by the fact that nearly 40 percent of respondents experienced three or more types of attacks in the last year, with many facing daily attacks.
Most executives categorize their staff’s proficiency as only competent. Only 44 percent of organizations have a tier 1+ analyst, with an additional 44 percent agreeing on the need to improve their staff’s technical skills around endpoint security or find automation tools to fill the expertise gap.
CISOs Crave Simplicity, Struggle with the Complexity of Multiple-Point Solutions
The survey uncovered that 71 percent of respondents are using five or more technologies in their SOC, and a third of respondents are using eight or more technologies. One CISO of a global energy company stated: “What I’d like to do is reduce the overall risk footprint, thus being able to reduce the number of tools. There’s a lot of work that we’re doing to try to reduce overlap of tools.”
Unlike legacy EDR tools, Endgame provides the only single-agent endpoint platform to unite prevention, detection and response, and threat hunting to stop targeted attacks, including the recent WannaCry and Petya ransomware attacks, malwareless attacks, and zero-day exploits.
The Cybersecurity Skills Gap Presents CISOs with Major Problems
Apart from the complexity of multiple point products, security executives also stressed the need to find and retain staff with the expertise required to combat targeted attacks. Regarding his staff, a CISO of a US banking organization commented: “They get a lot of drive-bys, where people come by and ask for help. That distracts them from what they really need to be doing. Because we’re short staffed, that keeps us from optimizing some of the tools that they need to optimize.”
This sentiment was also repeated by a CISO of a global energy company: “I think the biggest challenge that we’ve been facing is trying to get the right level of expertise. It’s very, very hard for us to find people that are experts in the field to come in and work with us.”
Endgame’s AI-powered chatbot Artemis™ alleviates SOC staff struggles by combining built-in domain expertise with natural language understanding - all in a simple user interface - to allow users of any skill level to rapidly respond to threats. This tool is proven to reduce the pressure enterprises face in training and retaining top talent, as echoed by surveyed executives.
In this study, Forrester interviewed three security decision makers and conducted an online survey of 156 security decision makers in the US to evaluate security operations center challenges and barriers. Survey participants included decision makers in director or higher roles. Questions provided to the participants asked about their security breaches, tolerance around breaches, and their current SOC offering and staff. The study took place in May 2017.
Endgame's converged endpoint security platform is transforming security programs - their people, processes and technology - with the most powerful endpoint protection and simplest user experience, ensuring analysts of any skill level can stop targeted attacks before information theft. Endgame unifies prevention, detection, and threat hunting to stop known and unknown attacker behaviors at scale with a single agent. For more information, visit www.endgame.com and follow us on Twitter @EndgameInc.