Automation, visibility remain biggest issues for cyber security teams2 min read

According to a new report, organisations continue to lack necessary levels of automation or visibility within their cyber terrain, especially as security stacks grow and are underutilised.

The findings come from Fidelis Cybersecurity’s annual State of Threat Detection Report. Without automation to gather data and provide a context to security incidents, or visibility to root out threats hiding in the network, organisations’ overall levels of risk increase while – at the same time – their confidence suffers.

Key findings

The report’s findings came from a survey of 300 respondents, including CISOs, CIOs, CTOs, architects, engineers and analysts across the finance, healthcare, public sector and federal industries. Of these, more than half (57.43%) said that a lack of automation was a pressing concern for their organisation, making it the top priority. This was closely followed by a lack of visibility, which had a pressing impact on 53.39% of organisations.

Most organisations are adding more point solutions, dealing with higher levels of network traffic, and working with more connected devices than ever according to the research. This is often done in an urgent and reactive manner, without the necessary time and training to understand the full capabilities of the solution or assurance that they full integrate with the security stack for full interoperability. The result? Major security gaps and underutilised stacks.

The report also found that:

• Confidence in security defences has a ripple effect. Nearly half of respondents (49.02%) lack visibility of their entire cyber terrain. More than half (55.03%) do not have control over blind spots, which lowers their confidence in their organisation’s ability to identify insider threats.
• The majority of organisations admit they are not using their stack to its full potential. Only 6.54% of all organisations surveyed believe they are using their full security stack to its full capability. However, most organisations realise that this is a problem, with 78% of respondents replying that they have, or are planning to consolidate their security stack.
• Threat intelligence and threat hunting remain an imperative. Over half of those surveyed do not engage in threat hunting. The top reasons are a lack of time (49.11%) or a skills gap (41.42%), but 70% believe it’s necessary in today’s cyber landscape.
• Only 45.80% reported that they had threat intelligence tailored to their organisation.

For more on this report, click on the link.