The Cybersecurity Megatrends report by Enterprise Management Associates surveyed organizations of all industries and sizes across North America. HelpSystems sponsored this survey to help establish common concerns surrounding cybersecurity and provide a clearer picture of how widespread these issues are. By better understanding what and where the challenges are, organizations can be better equipped to find solutions. Read on for HelpSystems’ perspective on this comprehensive report.
The cloud is more popular than ever, with 98% of organizations reporting that they use cloud services for security workloads alone. Hybrid environments are also almost universal, with over 99% of organizations surveyed using a hybrid architecture or planning to deploy one within the next two years.
While cloud security is top of mind for these organizations, there is still a massive misunderstanding about who is responsible for that security. A staggering 53% of respondents believe that the cloud provider owns most, if not all, security accountability in the public cloud.
Security needs and ownership vary depending on the type of cloud environment that your organization deploys. However, no matter your environment, all cloud security is a shared responsibility between cloud providers and cloud users. While cloud providers are responsible for the security of the cloud, users are responsible for the security of what’s in the cloud.
Though it is worthwhile to explore the cause of the disconnect between the reality of cloud security ownership and the misperception that has led to security gaps and breaches, the more critical issue is correcting these misunderstandings to get cloud security back on track.
Critics see shared responsibility as a burden, but it is ultimately in an organization’s best interest. For example, configuration policies are the responsibility of cloud users, but because security responsibility is misunderstood, misconfiguration continues to plague many cloud environments. Each organization has unique practices and industry regulations and is far better equipped to understand them than an external party. Likewise, an organization using the cloud is the only one that knows who should have access to it. Shared responsibility empowers organizations and ensures they remain in control of their own data.
Security Operations Tools
Those working in Security Operations (SecOps) are constantly asked different versions of the same question: what’s going on with our security environment? This is where analytics come in. Unfortunately, analytics tools are beginning to hamper instead of help SecOps teams.
First, there are too many consoles to interact with, making management of these tools complicated and tedious. With 75% of respondents having more than six consoles to deal with in order to do their jobs, it’s no wonder that they’re feeling overwhelmed. The solution to this will take work from both security vendors and users. Vendors must continue to streamline products to consolidate interfaces, and users must continue to be discerning in choosing security portfolios that can work together to reduce interface overload.
Second, analysts are besieged by alert fatigue, receiving so many alerts that sifting through them is costing valuable time. The three most common types of data used in security analytics are all from logs: server log data, application log data, and endpoint security logs. These logs can churn out data all day long, making it impossible to classify, let alone prioritize, alerts. It is critical to implement a solution that consolidates these logs, like a SIEM, automating this classification and prioritizing alerts for more timely reactions.
Endpoint security vulnerabilities continue to threaten all organizations, with 73% of survey respondents having suffered from a successful endpoint attack. More frightening, however, is that over 40% weren’t highly confident that they could detect another attack before it did significant damage.
As massive breaches continue to expose the personal data of thousands of people, it’s more important than ever not only to catch these attacks before they can do such catastrophic damage, but also to prevent them from infiltrating organizations to begin with.
While it’s typical to see Windows workstations with antivirus software installed, this does not take other endpoints like servers into consideration. Endpoint antivirus solutions, on the other hand, take on the burden of every endpoint, from workstations to servers, ensuring the corporate network and critical systems are safeguarded from malware.
While the universality of these concerns shows how pervasive they have become, there is a silver lining to be found. If all businesses and industries are struggling with these issues, the focus on them is the first step in eradicating them. Additionally, over 75% of respondents indicated that they are increasing their security budgets, showing that organizations are prioritizing safety and ensuring that the next big trend is better security.
With breaches continuing to have catastrophic consequences, and no silver-bullet cure-all solution, it is easy to be overwhelmed when choosing security solutions. While there may not be a silver bullet, a layered security approach can help you regain balance by allowing you to focus on one area at a time and gradually build a comprehensive security suite. These Megatrends can provide guidance to help you prioritize which layers to focus on now, and what can be dealt with at another time. Security risks are ever-growing, and organizations will have to evolve to protect themselves from these threats with a holistic defense-in-depth policy.