ReliaQuest, in partnership with Ponemon Research, just released the results of a survey unveiling the priorities, concerns, and challenges of security operations teams. In the survey, we asked over 1,000 security leaders in the United States and the United Kingdom about how they approach security priorities in the face of today’s dynamic IT environment, the obstacles and how they plan to overcome them. The report, “Achieving a Risk-oriented Security Posture,” touches on the following topics:
- Security leaders’ top security priorities
- Their approach and barriers to adopting risk-management practices
- Efficiencies around threat detection and investigations
- Performance of their security teams
- Their aptitude for and concerns about managing cloud security
In the coming weeks, we’ll dive deeper into each of those topics and our interpretation of the results, but below are some of the report’s main takeaways and a summary of the findings in each segment.
- Organizations are investing heavily in IT security—61% of respondents say their security budget is more than $50 million for 2021.
- Respondents are committed to a stronger risk-based security posture and prioritizing strategic security initiatives, but face obstacles.
- Among the roadblocks to achieving a risk-oriented posture are ineffective security metrics, operational inefficiencies, and the lack of full visibility across the IT environment.
- While 58% claim that digital transformation is increasing overall risk, only 31% say that their executives and board recognize cybersecurity risk as a business risk.
- Cloud adoption is growing, but cloud security confidence is low.
|Download the Full Report|
Top security priorities
A majority of respondents are looking to protect and enable the business as they embrace digital transformation technologies. Initiatives such as secure cloud migration, adoption of zero trust principles, and enabling DevSecOps practices figure highly in their priorities. At the same time, they recognize the importance of shoring up fundamentals like gaining holistic visibility and tracking metrics that align with business goals, as being crucial to the success of their initiatives.
A recurring theme in this research is that lack of visibility is a significant challenge to achieving a risk-based security posture. Respondents cited lack of visibility and blind spots in coverage (58%), inability to identify high-valued assets (55%), and proliferation of shadow IT (51%) as the largest barriers to protecting business critical assets in today’s dynamic IT environment.
Detecting security incidents
No business is completely safe from security breaches. We asked our survey respondents to list where they feel their biggest vulnerabilities lie. Surprisingly, the most common answer was operational, not technical: 58% listed “lack of a well-defined security and risk management” program as one of their top issues. The absence of well-defined metrics was another problem, with 64% of respondents reporting a lack of standardized metrics to measure progress.
It’s clear that digital transformation is driving significant change in IT environments. And that, in turn, is contributing to a lack of visibility and blind spots in coverage, making threat detection and investigations yet more challenging. 60% of respondents say the challenge to implementing effective threat detection and investigation practices is the lack of integrated visibility into cloud and on-premises sources, and 56 percent of respondents say it is the inability to ingest data sources into existing SIEM because it is too expensive.
Efficiency of security teams
The effectiveness and efficiencies of security teams are key determinants of success when it comes to incident response, and we wanted to get a sense for how well organizations rated their teams.
The results showed that security teams are spread astonishingly thin. Only 17% of respondents said that the ratio of staff member to tools is 1:1 – 57% claim that one staff member at their organization manages more than four tools. It’s no wonder security teams are stressed out. To alleviate this issue, security leaders are turning to third-party providers. They most commonly seek help with gathering intelligence that is contextual to the business (54%), incident response and investigations (51%) and threat detection and correlation (49%). In fact, a majority (63%) agreed that automating tasks like data collection could make their security operations more efficient.
Central to digital transformation strategies is cloud, and 2020 events have only accelerated this initiative. It is more an imperative for business success and survival, frankly, than an option. On top of all that, security leaders also have to find ways to enable the business, so it is no surprise secure cloud migration is the top priority for the next year for 57% of respondents.
That does not mean they are confident about security in the cloud; in fact, the opposite is true: Only about 11% rated their confidence as between 9 and 10 out of 10. The most common rating was 1 and 2, at 36%. And their concerns are well founded; lack of visibility into cloud environments generates unease, as does the difficulty of integrating data sources with the cloud environment.
While the survey results largely confirmed many established trends, we found some of its revelations heartening, particularly the extent to which security leaders are committed to protecting and enabling the business. And although some fundamentals need shoring up—such as visibility and metrics—security leaders understand that doing so can help them better manage their security operations. And it is also clear they are not shy about seeking outside help to expand their teams and amplify their talents in pursuit of their mission.
Download the full report or register for the upcoming webinar.
We’ll be diving deeper into the findings and our analysis in the coming weeks on the blog.