The rate at which major security breaches are occurring appears to have reached a cadence that now has many organizations for better or worse finally reviewing their overall approach to cybersecurity.
A survey of 600 IT and security professionals conducted by Deep Instinct, a provider of a platform that employs artificial intelligence (AI) to identify malware, finds two-thirds of respondents (66%) reporting that the SolarWinds incident has led to the hiring of more internal IT/cybersecurity professionals, with more than half saying it also prompted more questions at the board and executive level about cybersecurity measures.
Just over 60% said they are also considering automated solutions based on AI in the wake of recent attacks against Microsoft. Nearly three-quarters of respondents said automation of cybersecurity is the only way their company can address cyber threats.
It appears there is a growing realization that the existing tools and processes that organizations have been relying on to defend themselves need an arguably long-overdue update. The issue of the day is not only have the attacks increased in volume and sophistication; the size of the attack surface that needs to be defended keeps expanding as well. More employees are now accessing both cloud and on-premises applications from home, while at the same time edge computing platforms that need to be secured are being deployed more frequently.
Each of these platforms generates a steady stream of security alerts that need to be analyzed. The trouble is each of those platforms generates a lot of false-positive alerts. The survey finds security teams are spending about 10 hours a week assessing false positive alerts. A total of 62% said threats could get missed due to the overwhelming volume of false positives. Nealy 70% noted low staff morale could result from alert fatigue due to the overwhelming volume of false-positive alerts. A full 80% noted that time could be applied to applying security patches and updates.
Even more (86%) are hopeful tools driven by data science and artificial intelligence (AI) will have a significant impact on preventing unknown threats and reducing false positives.
It’s fairly apparent to all involved that current approaches to cybersecurity are not working as well as everyone would like. A total of 83% agreed in some way that cybersecurity professionals deserve better from anti-virus and endpoint detection and response solutions.
There is, of course, no silver bullet when it comes to cybersecurity. However, the need for a serious review is at hand. New security technologies have emerged to address a wide range of emerging threats that range from run-of-the-mill ransomware attacks to distributed denial-of-service (DDoS) attacks that are now being coordinated across the globe. At the same time, the processes employed to build and deploy software are being modernized in a way the better ensures the integrity of applications. Rather than simply layering more tools and processes on top of an existing set of workflows, organizations would be well advised to revisit their entire approach to cybersecurity.
Naturally, this means getting more senior executives involved in the security strategy. There’s a tendency among security professionals to not want to have a deep conversation about a complex topic with, frankly, individuals that don’t always appreciate all the nuances. Nevertheless, no matter how excruciating that conversation may prove to be it should be clear it can be put off no longer.
Mike Vizard has covered IT for more than 25 years and has edited or contributed to a number of tech publications including InfoWorld, eWeek, CRN, Baseline, ComputerWorld, TMCNet, and Digital Review. He currently blogs for IT Business Edge and contributes to CIOinsight, The Channel Insider, Programmableweb, and Slashdot. Mike also blogs about emerging cloud technology for SmarterMSP.