Endgame, a company delivering a converged endpoint platform to stop targeted attacks, has just announced the results of its latest research report, “Achieve Complete Breach Intolerance Through SOC Transformation” commissioned in partnership with Forrester Research.
The report aggregates insight from over 150 security decision makers from large US enterprises in technology, financial services, oil and gas, and energy industries. The results reveal that the number one priority for security executives is achieving complete breach intolerance, which requires fundamental changes to their staff’s skillsets, processes and tools.
Said Chris Sherman, Senior Analyst at Forrester Research: “This survey makes it clear that many global enterprises face targeted attacks on a daily basis. Preparing for and responding to these attacks requires a focused and resolute strategy of complete breach intolerance to stop system damage and data loss. Among other recommendations, enterprises should consider investing in a comprehensive endpoint technology that reduces complexity and burden on security operations teams.”
The results point to the following trends:
- A majority (64 percent) of executives surveyed are concerned that the next breach or attack they experience could be severe, a fear that is coupled with the fact that decision makers do not know the system or the vector that will be attacked next.
- Many security executives (60 percent) are working on expanding or upgrading their current SOC deployment. Enterprises need their SOCs to be working at peak performance, evidenced by the fact that nearly 40 percent of respondents experienced three or more types of attacks in the last year, with many facing daily attacks.
- Most executives categorize their staff’s proficiency as only competent. Only 44 percent of organizations have a tier 1+ analyst, with an additional 44 percent agreeing on the need to improve their staff’s technical skills around endpoint security or find automation tools to fill the expertise gap.
CISOs Crave Simplicity, Struggle with the Complexity of Multiple-Point Solutions
The survey uncovered that 71 percent of respondents are using five or more technologies in their SOC, and a third of respondents are using eight or more technologies. One CISO of a global energy company stated: “What I’d like to do is reduce the overall risk footprint, thus being able to reduce the number of tools. There’s a lot of work that we’re doing to try to reduce overlap of tools.”
The Cybersecurity Skills Gap Presents CISOs with Major Problems
Apart from complexity around multiple point products, security executives also stressed the need to find and retain staff with expertise required to combat targeted attacks. Regarding his staff, a CISO of a US banking organization commented: “They get a lot of drive-bys, where people come by and ask for help. That distracts them from what they really need to be doing. Because we’re short staffed, that keeps us from optimizing some of the tools that they need to optimize.”
This sentiment was also repeated by a CISO of a global energy company: “I think the biggest challenge that we’ve been facing is trying to get the right level of expertise. It’s very, very hard for us to find people that are experts in the field to come in and work with us.”
Endgame’s AI-powered chatbot Artemis™ alleviates SOC staff struggles by combining built-in domain expertise with natural language understanding, all in a simple user interface, to allow users of any skill level to rapidly respond to threats. This tool is proven to reduce the pressure enterprises face in training and retaining top talent, as echoed by surveyed executives.
For a full look at the research, click here or listen in to Endgame’s latest webinar with Forrester on the survey results.
Top CISO Concerns
The number one priority for security executives is achieving complete breach intolerance. Chris Sherman, Senior Analyst at Forrester Research, says: “Many global enterprises face targeted attacks on a daily basis. Preparing for and responding to these attacks requires a focused and resolute strategy of complete breach intolerance to stop system damage and data loss.” 64 percent of executives surveyed are concerned that the next breach or attack they experience could be severe. Many security executives (60 percent) are working on expanding or upgrading their current SOC deployment. Most executives categorize their staff’s proficiency as only competent. 71 percent of respondents are using five or more technologies in their SOC, and a third of respondents are using eight or more technologies. Security executives also stressed the need to find and retain staff with expertise required to combat targeted attacks.