A new Ponemon survey uncovers some alarming findings about the cybersecurity strategies of various companies

Aug 16, 2021 16:03 GMT  ·  By

Security leaders responsible for strategic planning of cybersecurity defenses are susceptible because of a lack of awareness and knowledge gaps, leaving organizations exposed to threats, according to a Ponemon survey

Threats, especially external threats, empowered increasingly sophisticated security firms to identify and prevent imminent attacks and enhance the detection of threats, says Help Net Security. However, the majority of respondents claim their firms do not provide enough resources to realize their analytic teams' full capabilities and the hunting of threats.

The results show that the average budget for IT operations of the responding firms for 2021 is $117 million. An average of 19% is devoted to IT security. Analyst efforts and risk intelligence are only allocated on an average of 22%. The results also demonstrate differences of opinion on the nature of threat hunting. Only 24% consider danger hunting outside their company boundaries to track opponents and identify imminent attacks.

Companies that invest appropriately in cybersecurity can avert cyberattacks

David Monnier, from Team Cymru, said “IT and cybersecurity leadership often rely heavily on machine learning and automation as a way to achieve efficiency, viewing threat hunting as a tactical, reactionary function”[...] “However, from our experience, organizations that manage to get ahead of threats, both internally and throughout their third-party ecosystems, have dedicated a meaningful proportion of the budget to making external threat hunting a strategic priority”.

Most consider threats as a reactionary approach of detecting internal threats in search of bad conduct already endured. However, 62% of companies are expanding investments on analysts and intelligence threats.

The top three intelligence responses indicate they have dark web data (47%), domain registration data (42%), and telemetry endpoint data (42%). But 61% recognize that the intelligence of the threat cannot keep up with changes in the way threat actors assault organizations.Moreover, whereas traditional sources of risks inform, just 31% of respondents said that raw internet telemetry is vital for their ability to take preventive actions, detect attacks and resolve security issues.