Netenrich, a resolution intelligence company, has released “Pivoting to Risk-Driven Security Operations,” a global survey of IT and security professionals. The survey found that 83 percent of companies would suffer business damage during the first 24 hours of an outage and thereafter, which comes as no surprise with recent surges in ransomware and other attacks wreak havoc across IT infrastructures.
The survey also revealed interesting findings and contradictions when it comes to scaling security operations:
When looking to upgrade their security posture, 67 percent focused on tools upgrades yet organizations found that tools integration (55 percent), lack of tools expertise (52 percent) and tool sprawl (41 percent) were their biggest pain points.
While security teams aspire to do more proactive and risk-driven operations, like risk management (37 percent), incident analysis (34 percent), threat modeling (29 percent), they spend most of their time doing foundational and reactive security tasks, such as updating patches (43 percent), researching, and analyzing critical incidents (41 percent) and removing false positives (40 percent).
Security teams are trapped doing the same thing they have been doing for years – reactive security. They’re adding more tools, needing more resources, and chasing thousands of alerts, all while lacking the contextual data and prioritization that’s highly needed.
“Organizations fail to shift to a proactive approach that prioritizes security defenses around the most likely, highest business-impacting attack vectors,” said John Bambenek, primary threat researcher at Netenrich. “Security teams need to start evaluating business risk based on the likelihood of attack success and mapping that attack success to what it would actually cost the business. Focus on the critical issues that matter most to reduce the attack and outage impact.”
The survey finds that companies want to do more threat modeling, incident analysis and risk management however very few employ it or even know how:
- Less than 40 percent perform threat modeling
- Less than half conduct threat modeling on a daily (16 percent) or weekly basis (31 percent)
- Only 30 percent practice external attack surface management
Netenrich is hosting a webinar discussing survey findings with security ops perspectives from John Bambenek and David Gehringer, Dimensional Research analyst, at 10 a.m., Wednesday, November 10,