
Survey Reveals Significant Shortfalls in Cybersecurity Measures and Varied Confidence Among Experts

A recent survey conducted by the highly respected SANS Institute has revealed the current state of cybersecurity practices. The survey involved cybersecurity professionals assessing their organization’s cybersecurity measures, providing a comprehensive picture of the cybersecurity landscape.

The survey results show that organizations are taking steps to protect their digital assets, with an impressive 83% of respondents expressing confidence in their defined policies, processes, and controls. However, there are concerning trends that cannot be ignored.

One significant finding is that 67% of respondents lack actual metrics and reports to prove the effectiveness of their cybersecurity measures. This suggests that many organizations may be operating without the necessary data to evaluate the success of their security strategies. Without clear metrics and reports, it becomes challenging to identify vulnerabilities and make informed decisions to enhance cybersecurity. Addressing this gap is crucial to ensure organizations are adequately protected.

Another revelation is that while 73% of organizations have conducted risk assessments in the past year, only 8% find security metrics and key performance indicators (KPIs) useful and effective in driving improvements in security processes. This highlights a missed opportunity for organizations to gain valuable insights through the analysis of security metrics. By leveraging KPIs, organizations can identify areas of weakness and allocate resources more effectively to strengthen their cybersecurity posture.

In terms of evaluating the effectiveness of their Security Operations Center (SOC), 69% of organizations use a cybersecurity framework. The National Institute of Standards and Technology (NIST) Cybersecurity Framework emerged as the preferred choice for 74% of organizations utilizing a framework. However, despite the use of frameworks, only 54% of respondents rated their SOC maturity as high or somewhat mature. This indicates that many organizations still have room for improvement in terms of their SOC capabilities. Enhancing SOC maturity is crucial in effectively detecting and responding to security incidents, as well as minimizing the impact of potential breaches.

The survey also highlighted variations in organizations’ approach to cybersecurity training. Alarmingly, 43% of respondents admitted to not having formal IT/security training programs in place. Given the rising volume and sophistication of cyber threats, the establishment of such programs is essential. Organizations that invest in formal training programs are better equipped to educate employees on cybersecurity best practices, reducing the risk of human error and strengthening their overall security posture.

When it comes to specific cybersecurity domains, the survey revealed varying levels of confidence. Identity and access management (IAM) received positive feedback from 60% of respondents, indicating a well-defined approach to protecting digital identities. On the other hand, application security and third-party supply chain/risk management received confidence ratings of only 44% and 41%, respectively. These findings underscore the need for organizations to prioritize these areas and ensure their security measures are well-defined and robust.

Interestingly, the survey also explored benchmarking practices among organizations. It found that 45% of organizations perform benchmarking exercises, while 41% do not. Automated vulnerability scanning emerged as the most common benchmarking tool, with 78% of organizations utilizing it, followed by open source security tool testing (54%) and commercial security tool testing (49%). These benchmarking practices enable organizations to assess their cybersecurity measures against industry standards and best practices, helping identify areas for improvement.

In conclusion, the survey conducted by the SANS Institute provides valuable insights into the current state of cybersecurity practices. While organizations have made progress in defining policies, processes, and controls, there are still notable gaps in areas such as metrics and reporting, SOC maturity, and formal training programs. By addressing these gaps and leveraging benchmarking tools, organizations can enhance their cybersecurity posture, better protect their digital assets, and effectively respond to evolving cyber threats. It is crucial for organizations to stay vigilant and continue to invest in robust cybersecurity practices in an ever-evolving digital landscape.
