How do your perceptions, priorities and security posture stack up against those of your peers? Find the latest trends and insights inside CyberEdge Group’s seventh annual Cyberthreat Defense Report, sponsored by (ISC)2.
Based on a survey of 1,200 participants representing 17 countries and 19 industries, the 2020 report provides an in-depth look at how IT security professionals perceive – and plan to defend against – cyberthreat. It encompasses the most geographically comprehensive view of IT security perceptions available.
This year’s findings shine light on many notable themes and realities, including…
Security teams under pressure. For the first time in survey history, four out of five (81%) organizations experienced at least one successful cyberattack in the past year, and over one-third (35%) had to respond to six or more.
Top threats. IT security teams are most concerned about malware, phishing, ransomware, account takeover, denial-of-service attacks (DoS/DDoS) and advanced persistent threats (APTs).
People shortages hurt. The biggest factor inhibiting organizations from adequately defending against cyberthreats is a lack of skilled security personnel.
Imperative to grow your own. Instead of trying to recruit scarce security experts, organizations would be wise (and financially prudent) to train existing IT team members to fill security roles.
IT security training matters. 80% of security pros agree that IT security training has helped them better protect their organization and its customers. (And note to IT managers: 87% of IT team members who haven’t received security training would seriously welcome it.)
Views on achieving professional IT security certification are also worth noting. The survey underscores that the pursuit of these credentials is not primarily about money. Expanded knowledge, increased respect and improved job satisfaction are perceived as the greatest benefits.
These passions run deep as practitioners face top IT security inhibitors, identified as lack of skilled personnel (No. 1) and low security awareness among employees (No. 2). Other big drags to IT security, according to the survey, are too much data to analyze and insufficient automation of threat detection and response.