Adarma, a leading provider of detection and response services, recently released a report titled “A False Sense of Cybersecurity: How Feeling Safe Can Sabotage Your Business”. This report focuses on several critical aspects of security operations, including confidence levels, the use of artificial intelligence, the well-being of security teams, and the phenomenon of “tool sprawl”.
The findings of the report were based on a survey conducted with 500 cybersecurity professionals from UK organizations with over 2000 employees. Surprisingly, the report revealed that 95% of UK enterprises feel confident that they have no gaps in their security controls coverage. This confidence was categorized as either “very confident” (53%) or “somewhat confident” (42%). However, despite this high level of confidence, the report also revealed that two-thirds (68%) of these organizations have fallen victim to a cyber-attack within the last two years.
The report highlights one possible reason for this disconnect – the belief that having more security tools leads to better protection for the organization. Interestingly, the research found that confidence levels tended to rise as the number of security tools used increased. However, it also discovered that the chances of experiencing a security breach also increased alongside the number of tools being used.
Scott McElney, the Chief Information Security Officer (CISO) of the Weir Group, a global engineering firm, cautioned against the assumption that more tools automatically lead to enhanced security. McElney suggested that adding more tools can actually increase the risk due to the complexities involved in managing them and the requisite skills needed to configure and optimize them.
It is worth noting that the UK government’s 2023 cybersecurity sectoral analysis reveals that there are currently 1,979 firms providing cybersecurity products and services in the country. However, 61% of the surveyed respondents found this fragmented technology landscape to be a hindrance in improving their security capabilities and performance. As a result, 80% of organizations are currently consolidating their security technology or have plans to do so, while an additional 18% acknowledge the need to reduce their tooling.
John Maynard, CEO of Adarma, commented on the issue, stating that the proliferation of cybersecurity products and services has misled many organizations into believing that they are the ultimate solution to cybersecurity challenges. However, Maynard asserts that this has only introduced more complexity and confusion, and that successful cybersecurity ultimately depends on the expertise and actions of the people deploying and optimizing the technology.
Consolidating the technology stack can provide organizations with greater visibility over their application estate and allow for more effective resourcing and centralized competencies. However, the survey found that organizations face difficulties in implementation due to complexity and the need for expertise. Optimizing and utilizing technology to its fullest potential is also a challenge, with 43% of respondents highlighting this issue. Additionally, 40% express concern about becoming too dependent on a single vendor.
Adarma recommends that organizations adopt a comprehensive approach to security, considering not only the security technology lifecycle but also the individuals and procedures required for integration, configuration, and optimization. Sufficient resources and capabilities should be allocated to effectively manage security tools.
Furthermore, prioritizing the consolidation of the security stack can enhance efficiency and visibility. However, Adarma advises organizations to proceed with caution by defining desired business outcomes and having an independent security architect lead the consolidation project.
In conclusion, security leaders need to trust both people and technology, acknowledge any gaps in controls, and avoid overconfidence in their security measures. The full report can be accessed on Adarma’s website at www.adarma.com/a-false-sense-of-cybersecurity.