SANS Institute Survey Surfaces State of Cybersecurity Defenses

A survey of 297 cybersecurity professionals conducted by SANS Institute found 83% of respondents felt they had the right policies, processes and controls defined, but only slightly more than two-thirds have actual metrics and reports that prove that assertion.
Sponsored by Expel, a provider of a security operations platform, the survey finds the most widely tracked metrics are security incidents, vulnerability assessments and intrusion attempts.
A total of 62% said they are relatively confident that security operations, network security and vulnerability management are either very well-defined or well-defined, followed by identity and access management, penetration testing, controls validation, application security and third-party supply chain/risk management.
Overall, 8% said security metrics and key performance indicators are useful and effective in driving improvements in security processes, with another 33% describing them as being generally effective.
The survey also notes that 73% of respondents work for organizations that have conducted risk assessments in the last 12 months, followed by 67% that have conducted security tests and 66% that have conducted internal security audits.
Some only perform internal assessments, but most use a combination of internal and third-party assessments.
Slightly more respondents said they perform benchmarking than said they don't.
Respondents who do perform benchmarking employ a variety of tools, including automated vulnerability scanning, open source security tool testing and commercial security tool testing.
Well over two-thirds also make use of a cybersecurity framework to define, measure and assess SOC performance, with a whopping 74% of those respondents employing the National Institute of Standards and Technology Cybersecurity Framework as their preferred methodology for managing cybersecurity.
Expel CISO Greg Notch said the NIST CSF framework is often favored because it focuses on distilling information into actionable intelligence.
Most cybersecurity teams are overwhelmed by alerts, so a framework provides a method for proactively managing cybersecurity tasks, he added.
A full 43% of respondents said they don't have formal IT/security training programs in place.
That's an issue because, given the rising level of volume and sophistication, training should be table stakes for organizations, said Notch.
The survey also suggests cybersecurity teams are relying more on external services.
Nearly half of respondents said their organization takes a hybrid approach to SOC that is made up of an in-house team and external services providers.
Nearly half of those respondents increased reliance on managed services, with 16% increasing usage significantly.
Ultimately, each organization needs to right-size their cybersecurity investments based on the level of risk to the business, said Notch.
The challenge, as always, is first ascertaining that risk level and then finding a way to share those insights in a way business leaders can appreciate, he added.
In the meantime, there is no substitute for cybersecurity fundamentals, noted Notch.
One way or another, the one thing that is assured is that the policies, processes and controls that cybersecurity teams have put in place will continuously be put to the test.


This Cyber News was published on securityboulevard.com. Publication date: Thu, 11 Jan 2024 13:43:03 +0000

