2018 Cybersecurity: Perceptions and Practices Benchmark Survey
Foreword
James Carder
CISO & VP, LogRhythm Labs
LogRhythm
As uncertainties?—?cybersecurity and otherwise?—?swim around
us with increased velocity and frequency, it’s always helpful
to hear directly from security leaders in the trenches of our
industry. These first-hand accounts have the unique ability to
shed light on the challenges security professionals and their
teams face nearly every day of their work lives. That’s precisely
what this “2018 Cybersecurity: Perceptions & Practices”
benchmark survey accomplishes. It provides insights into the
state of the cybersecurity practice of 751 mid- to large-sized
organizations in the United States, United Kingdom, and AsiaPacific regions.
From these insights, one thing that comes as a surprise
is data that suggests that the U.S. may not be leading
the cybersecurity industry in security maturity. In fact,
respondents from organizations in the Asia-Pacific region
clearly indicate that they are far more likely to have a security
operations center (SOC) than their U.S. and U.K. counterparts.
The Asia-Pacific region also boasts the largest percentage
of IT budget allocation toward cybersecurity. Both of these
findings suggest a cultural prioritization toward security
investments?—?one that isn’t being matched by the U.S. or U.K.
When prompted on workflow/employee efficiency, it appears
evident that security professionals are wasting huge amounts
of time and effort on false positives and inefficient processes.
Of course, this isn’t news to us, but it’s important to note
how the data acutely quantifies this problem. The majority
of IT executives indicate that the average cybersecurity
professional wastes as much as 10 hours a week due to
software inefficiencies. In an industry already plagued by a
shortage in qualified specialists, this is a reality that is not
only unacceptable, but also avoidable.
Containment of cyberthreats and breaches is a major
challenge for all organizations. It takes time to understand
the full scope of an incident and determine how best to
neutralize it. This is exacerbated by a lack of resources
(human, technology, intelligence) and then compounded
when automation and orchestration are not efficiently
leveraged to reduce the time necessary to complete the
investigative processes.
Now, more than ever, security teams need to be working
more intentionally. Corroboration and qualification using
threat intelligence and other technologies help teams
make informed decisions. Establishing automation and
orchestration processes, protocols, and procedures for the
most prevalent classes of attacks will improve the efficiency
and effectiveness of most any SOC.
As security experts, it’s unlikely our constant state of being
stretched thin will be relieved anytime soon. But this survey
does shine a ray of hope: the majority of IT executives
surveyed believe their C-suite is paying more attention to
cybersecurity efforts than they did last year. That, combined
with the availability of NextGen SIEM and end-to-end security
solutions today, gives me optimism that cybersecurity
organizations across the globe may soon increase fortification
in the fight against cyberthreats.
James Carder
CISO & VP, LogRhythm Labs
WWW.LOGRHYTHM.COM | 3
Key Findings
The Current State of Security Maturity
Many companies are focused on growing their security
maturity?—?part of that growth is establishing a security
operations center (SOC) within their organization. Special
threat detection programs can be another indicator of
security maturity. More than 70 percent of decision makers
have programs in place to detect specific threats such as
ransomware, insider or employee threats, and denial of service
attacks. For those organizations that currently lack a formal
SOC, most plan to add one within the next two years.
Team size is another important indicator, as it can provide
insight into an organization’s commitment to a well-staffed
security program. In this survey, on average, respondents
said they employ 12 cybersecurity professionals in their
organization. More than half indicated that they employ 10
or fewer professionals on their teams. A huge majority of IT
decision makers?—?95 percent?—?use security software to prevent
and react to threats. More than a quarter deploy more than 10
security software solutions to manage security threats.
Objective and Methodology
The purpose of this study was to determine the cybersecurity perceptions and
practices among organizations in the United States, United Kingdom, and AsiaPacific regions.
The results of this report are from an online survey of 751 IT decision makers who
indicated that cybersecurity was part of their responsibilities. Of these respondents,
250 came from the United States, 250 from the United Kingdom, and 251 from the
Asia-Pacific region. The Asia-Pacific region was represented by decision makers in
Australia, Singapore, Hong Kong, and Malaysia.
These respondents indicated they were employed in mid- to large-sized companies
(minimum 500+ employees).
WWW.LOGRHYTHM.COM | 4
Please complete the form to gain access to this content
