Organizations are grappling with more security alerts that pose significant challenges to their cybersecurity posture.
Think about it. With the rapid advancement of technology and the proliferation of interconnected devices, cyber threats have become more sophisticated and diverse, making it harder for traditional security measures to keep up.
Security teams find themselves inundated with a deluge of alerts, making it difficult to identify and prioritize genuine threats from false positives. The sheer volume of alerts is cause for concern too, as they can lead to alert fatigue, causing potential critical incidents to go unnoticed or receive delayed responses, leaving the organization vulnerable to potential breaches and data leaks.
To better understand these challenges and how organizations are prepared to address them, Swimlane recently partnered with Dimensional Research, an independent research firm, to survey security professionals and executives from around the world.
The findings of the report were appalling.
Despite the growing emphasis on cybersecurity in C-suite and boardroom discussions, a striking contrast has arisen between the perceptions of executives and the realities faced by security teams on the ground. 70% of executives hold the belief that their security team adequately handles all security alerts, whereas 36% of the front-line roles responsible for managing alerts share this optimistic view. In truth, the actual figure of organizations effectively addressing every single alert stands at a modest 58%.
And while the use of automation is increasing in popularity to overcome these challenges, a notable disconnect also exists in understanding the security team's skill set and available resources to adopt heavy-scripting automation tools. According to the report, 87% of executives believe their security team possesses what it takes for successful adoption. In comparison, only 52% of front-line roles state they have enough experience to properly use this type of technology.
These disparities in perception highlight the need for better communication and understanding between top-level management and security teams. It emphasizes the importance of accurate data and reporting to ensure executives have a clear and realistic picture of the organization's cybersecurity capabilities.
By acknowledging and bridging this gap, organizations can strengthen their cybersecurity posture and create a more cohesive approach to handling security incidents. Executives must foster an environment that promotes open dialogue, trust and cooperation between different levels of the organization to effectively mitigate cyber threats and protect sensitive information.
But, of course, that is easier said than done. A big hurdle in bridging that gap is the staff shortage. According to the survey, 70% of companies are taking longer to fill cybersecurity roles compared to two years ago. A majority of organizations report that it takes three months or more to fill such roles, and 34% state it takes seven months or longer. As a consequence, one-third of organizations fear they may never have a fully-staffed security team with the necessary skills.
Along with the staff shortages, the report revealed concerning levels of employee turnover and burnout within cybersecurity teams, posing a substantial risk to businesses. Nearly all respondents reported experiencing business issues resulting from security team turnover, including slower threat identification, response and remediation, as well as difficulties in addressing security alerts effectively.
These challenges threaten the operational stability and resilience of organizations in the face of an evolving cybersecurity landscape.
“Organizations across industries and around the globe are struggling to hire and keep qualified cybersecurity professionals who can effectively manage today's threat landscape,” said James Brear, CEO of Swimlane. “This, in addition to a rapidly evolving regulatory landscape and complex new threats brought on by generative AI, highlights the need for organizations to scale their defenses before it's too late.”
Swimlane is helping these organizations and others in similar situations with its Automation Readiness & Maturity of Orchestrated Resources, or ARMOR, Framework. This standard for security automation maturity helps organizations of all sizes and industries understand, implement and mature security automation for better outcomes.
The online survey is free to any organization and requires approximately 10 minutes to complete. Upon submission, a security automation consultant will schedule a complimentary review of a tailored report detailing current security automation maturity and recommendations for up-leveling their strategies to align with industry best practices.
Edited by
Alex Passett