The State of Global Security Operations: By the Numbers
Even though more than $130B is spent on cybersecurity annually, the number of breaches continues to rise. Something isn’t adding up.
Explore highlights from recent global research conducted by CyberRisk Alliance to examine the extent organizations are struggling to establish effective cybersecurity defenses.
SOURCE: CRA 2021 Survey North American IT Leaders
On average, IT leaders reported investigating 1,376 incidents per year, about three per day, with 33% of North American organizations surveyed reporting investigating more than three incidents per day.
Incidents are being missed. Unless you have unlimited team members to manage and triage alerts, your organization is at risk of an incident slipping through the cracks.
1,376 Investigated IT Incidents Per Year
(3 Incidents Per Day)
33% of North American Organizations Saw More Than 3 Incidents Per Day
Our organization is in a state of chaos and transition, between the covid related furloughs and shutdowns, the addition of work from home, and the ongoing digital transformation, our organization has never been this vulnerable to attack.”
Security gaps at the management level
An alarming 49% of IT and Security leaders say they lack C-Suite support for cybersecurity initiatives, while 52% believe their upper management/senior leadership lacks cybersecurity awareness or knowledge.
The saying “If it ain’t broke, don’t fix it” shouldn’t apply to a cybersecurity strategy. When leadership only hears about IT and cybersecurity when there are urgent issues, it can be challenging to build a proactive security approach.
49% of IT and Security leaders say they lack C-Suite support for cybersecurity initiatives
52% of IT and Security leaders believe their upper management/senior leadership lacks cybersecurity awareness or knowledge
Only 1 in 5 respondents is “very confident” about defending their organization against cyber attacks in the near term.
Making matters worse?
More than half of respondents reported that IT staff burnout was a major obstacle they’d have to overcome in the next six months.
IT and security teams find they increasingly lack the resources and training to handle a rising number of incidents, leaving organizations vulnerable to increasingly malicious and creative attacks by bad actors.
Challenges with regulatory compliance
More than half (53%) of respondents cite regulatory compliance as a primary challenge for improving their organization's security posture in the next six months.
Regulatory Compliance is a Challenge