Solving the Cyber Preparedness Problem
In early 2017, we published a study that revealed an unsettling truth about cybersecurity: A severe discrepancy exists between the perceptions and realities of how prepared mid-market organizations are to combat cyberthreats. At the time, we found that 95 percent of companies expressed high confidence in their security posture. Yet, 72 percent of IT pros said their roles were too broad to give information security the attention it deserved. Additionally, 77 percent of security alerts were investigated an hour or more after discovery.
It’s been a little over a year since the study’s release and, unfortunately, it appears not a lot has changed.
According to the recent Hiscox Cyber Readiness Report, nearly three quarters of businesses fail the cybersecurity readiness test, and it shows. The report also found that:
- Mid-size organizations lose, on average, more than $578,000 annually to cybercrime
- 69 percent of respondents rank a cyberattack as the top risk to their organization.
Unsurprisingly, nearly 60 percent of business respondents said they intend to increase security spending by 5 percent or more on InfoSec.
More Cybersecurity Investment Is a Good Thing, Right?
In a perfect world, businesses of every size would have a fully-staffed security operations center (SOC), which includes 24/7/365 threat monitoring and real-time incident response. However, investing in a SOC is an avenue that has been traditionally closed off to SMBs. Part of the reason is that the security analysts needed to manage a SOC are in low supply and high demand. Retaining, let alone hiring them, is simply out of the question for many organizations considering the asking price tops $100,000 annually for each position.
“Point solutions have proven time and time again to be ineffective investments.”
Likewise, security information and event management (SIEM) software, which acts as the central console for a SOC, is costly and time-consuming to deploy, and even harder to manage. Businesses may receive hundreds of thousands of alerts in a single day. Most will be false positives, but all it takes is one poorly investigated false negative (or miss) to harm an organization. “Alert fatigue” is still a very real problem, and it stems primarily from the inability of existing security and IT staff to keep up with the relentless onslaught of security events.
Given these barriers to entry, what do mid-market companies do?
Most invest in point solutions, such as next-generation firewalls and intrusion detection systems that are promoted as “out-of-the-box” solutions. They’re easy to deploy and much more affordable than managing an in-house SOC. The problem is that they have proven time and time again to be ineffective, and you’re almost certain not to see any return on investment.
That brings us full circle to the problem at hand, which is that most organizations are wholly unprepared to meet today’s cyberthreats. So, when we hear that more than half of all businesses are investing in cybersecurity, we have to ask: What exactly are they investing in?
The Smart Choices: Hybrid AI and Managed SOC
In recent years, the escalating cost and time-intensiveness necessary for adequate cybersecurity have accelerated the rise of two key trends that are only now available to the mid-market.
The first is Hybrid AI. This security methodology uses machine learning and cognitive computing to deeply contextualize network events to better distinguish noise from real threats. This drastically reduces the total number of alerts that actually reach security analysts. Those indicators of compromise (IOCs) are subsequently investigated by human analysts, who then take remediation action or update their threat detection platform with feedback for new false alarms.
The second and more important trend, is the rise of SOC-as-a-service. Typically, hybrid AI is beyond the reach of SMBs since it still requires cutting-edge threat detection tools and full-time security analysts. However, SOC-as-a-service provides the benefits of hybrid AI—and everything else that comes with a modern-day SOC—at a predictable, annual subscription cost.
That last part is key. Poor cyber preparedness does not stem from an unwillingness to do better. It’s the outcome of being corralled into security investments that don’t deliver ROI.
SOC-as-a-service backed up by hybrid AI completely shatters that dynamic and replaces it with cost-effective security that actually protects your IT environment and increases cyber preparedness. Read the white paper for more information.