The response time, however, hasn’t improved quite as well despite funds going into cybersecurity tools. “Despite high levels of spending, detection and response times appear slow,” the study highlighted. “More than three-quarters of respondents (76%) say their organizations take an average of six months or longer to detect and respond to an incident.”
The biggest internal challenges to the organization’s cybersecurity approach were reported to be “too many potential attack surfaces” at 52%, and “difficulty balancing security and innovation speed” at 50%.
The study also noted big discrepancies between the CISOs and other C-suite leaders when it came to their organization’s cybersecurity preparedness. While 60% of CISOs were confident about the C-suite integration of cybersecurity into key business decisions, only over half of other C-suite officers believed they were effective. There was also a huge gap (12%) between their satisfaction with the overall cybersecurity preparedness.
Study noted an emphasis on security through simplification
For better understanding and evaluation, the study was able to categorize the responding organizations into “secure creators” and “prone enterprises.” The grouping was done on the basis of the number of solutions used, the adoption of emerging technologies, and the use of technologies to simplify their automation environments.
The study found that secure creators are more satisfied with their approach to cybersecurity, experience fewer cybersecurity incidents, and can detect and respond to incidents quicker. About 70% of them are early adopters of emerging technologies.
The secure creators are also more focused on extracting the most value from specific advanced solutions, with 62% already using or in the late stages of implementing AI/ML solutions, as compared to only 45% of the prone enterprises.