In the ever-evolving landscape of cybersecurity, decision-makers face multifaceted challenges in breach protection strategies for 2020. A survey titled The State of Breach Protection 2020 gathered insights from 1,536 cybersecurity professionals, shedding light on best practices and emerging trends. Security executives are currently navigating a complex threat environment, grappling with questions about identifying high-risk attack vectors and determining the optimal balance between in-house capabilities and outsourcing.
Organizations’ responses reveal a pressing need to understand which types of attacks demand the most attention and which security solutions can effectively mitigate these risks. A notable point of concern is whether it is more beneficial to cultivate an in-house security team, outsource entirely, or find a middle ground between the two approaches. Additionally, there is growing interest in how to integrate automation into breach protection workflows to enhance efficiency and response times.
The survey identified that a significant barrier to effective protection is the lack of consolidation among security tools. Organizations deploying advanced security solutions often struggle with managing a diverse security stack, particularly within advanced product categories. This fragmentation can hinder their overall protective measures, as maintaining multiple products complicates management and response efforts.
Prioritization in security investments is evident, with many organizations planning to enhance their protective frameworks during 2020. Most aim to incorporate advanced solutions such as Endpoint Detection and Response (EDR), Network Traffic Analysis, or Security Information and Event Management (SIEM) on top of their existing basic security stacks, which typically include antivirus, firewalls, and email protections.
Moreover, the survey highlighted a significant gap in deployment effectiveness for endpoint protection. A limited percentage of organizations reported successful implementation of EDR/EPP across more than 85% of their endpoints without ongoing deployment or maintenance challenges. Given that these tools are considered effective defenses against sophisticated attacks, such data raises concerns.
The survey also noted a high incidence of unattended alerts across organizations deploying advanced threat detection tools. Many respondents indicated that more than 25% of alerts generated daily go unaddressed, which undermines the effectiveness of their security posture and could expose them to heightened risk.
While some organizations have adopted centralized orchestration for Incident Response (IR) activities, the implementation of automated remediation workflows remains limited. This could potentially slow response times and leave organizations vulnerable if not addressed promptly.
Furthermore, there exists a dichotomy regarding security outsourcing. Organizations feeling the pressure of a skills gap in cybersecurity are often compelled to engage external experts for advanced operations. However, there remains a strong preference to manage critical elements of security in-house, especially those related to active attack remediation.
Ultimately, the insights gleaned from The State of Breach Protection 2020 survey offer valuable perspectives for Chief Information Security Officers (CISOs) and security leaders. By understanding prevalent challenges and tactics, organizations can make more informed, data-driven decisions regarding their cybersecurity frameworks.
For more comprehensive findings, the complete State of Breach Protection 2020 survey report is available for download, providing a broader exploration of the current cybersecurity landscape.
