When it comes to securing the premises, the majority of businesses are prioritizing prevention over detection, investigation, and response, a new report has found. However as a result, large numbers of firms are being hit by data breaches or other attacks, with the incidents constantly getting worse.
Researchers at Exabeam surveyed 500 IT security professionals, finding roughly two-thirds of the respondents (65%) prioritize prevention as their number one endpoint security (opens in new tab) goal.
For a third (33%) – detection was the highest priority.
Too late to the party
To make matters even worse – the businesses are actually acting on this thinking. Almost three-quarters (71%) spend between 21% and 50% of their IT security budgets on prevention, while 59% invest the same amount as they do for detection, investigation, and response.
The trouble with this approach, according to Exabeam's Chief Security Strategist, Steve Moore, is that the firms are focusing on prevention with crooks already inside the walls, rendering their efforts futile.
"As widely known, the real question is not if attackers are in the network, but how many there are, how long have they had access, and how far have they gone," Moore says. "Teams need to socialize this question and treat it as an unwritten expectation to realign their investments and on which to perform, placing the necessary focus on adversary alignment and incident response. Prevention has failed."
When asked if they are sure they can prevent attacks, most respondents answered positively. In fact, 97% said they felt confident in their tools and processes, to prevent and identify intrusions and data breaches.
However, when asked if they'd easily tell their boss their networks weren't breached at the time, just 62% would say yes, meaning more than a third had their doubts.
In other words, Exabeam says, security teams are overconfident and has data to back it up. Citing industry reports, the company claims 83% of organizations experienced more than one data breach last year.
- These are the best firewalls (opens in new tab) today
- Security alert overload threatens to bury security teams
- Report: Twice as many IT professionals plan to build formal security teams in 2017
- Rip up the script when assembling a modern security team
- Security Vendors Push Intrusion-Detection, Professional Services
- How to Keep Your Security Team Happy
- Kenyan Government Shifts Focus From Connectivity to Cyber Security
- Software security for developers
- Complete security deception includes detection and incident response
- Explaining security automation and its evolving definitions
- What those new to security can learn from the biggest breaches of all time
- Big picture security
- IBM Security partnership promises to patch critical vulnerabilities 'in seconds'
- Maturing information security in Mexico
- When to host your Website's security
- Breach detection: Five fatal flaws and how to avoid them
- The ins and outs of deception for cyber security
- The security tech stack is out of control, here is what to do about it
- SolutionBase: Understanding how an intrusion detection system (IDS) works
- 10 tips for reducing insider security threats
- Prevent your employees from "going rogue"
Many security teams are prioritizing prevention over detection, with disastrous results have 525 words, post on www.techradar.com at February 3, 2023. This is cached page on TechNews. If you want remove this page, please contact us.