According to a new study, 74 percent of IT security organizations believe prevention-first security strategies and solutions can fail, having experienced a similar situation in their organization in the 12-month period (February 2021-2022). This statistic is only the tip of the iceberg.
The end result in continuous innovation from both sides. A cybercrime economy worth trillions of dollars annually provides a positive environment for new Tactics, Techniques, and Procedures (TTPs) to thrive and spread.
So, how is the industry handling the challenge of defending against this ever-changing objective?
Many respondents to the Vectra survey felt that the industry continues to fall behind. Eighty-three percent of respondents agreed that legacy methods do not protect against modern threats, and that we must "change the game when it comes to dealing with attackers." This was echoed by the fact that 71 percent think that cybercriminals are leapfrogging current tools, and that security innovation is years behind the hackers. Additionally, 71% believe that security guidelines, policies, and tools are failing to keep pace with threat actor TTPs.
More than 78 percent of security executives claimed they have purchased software that failed to fulfill their promise, including failing to detect modern attacks, and inadequate integration with other methods. This is a positive conclusion. In 2015, 73 percent of respondents found the software found to be doing better.
Another 37% of respondents said they are very confident that their portfolio of tools might detect and protect them against the types of threats used in the Kaseya, SolarWinds, and JBS attacks.
A survey of 1,800 global IT security experts working in organizations with more than 1,000 employees across France, Italy, Spain, Germany, Sweden, Saudi Arabia, and the United States produced the findings. In addition, more than 500 employees from the Netherlands, Australia, and New Zealand have been identified.
Read Vectra's book.