Ponemon Institutes and IBM’s latest Cyber Resilient Organization Report points out the lack of funding and resources as the two key issues plaguing the enterprise security function.
The lack of funds and skilled personnel in the cybersecurity area – those are two main themes that have emerged from the IBM/Ponemon Institute Cyber Resilient Organization Report. The staff can only be attracted to cybersecurity roles with the promise of increased salaries, and so those two themes could be regarded as one – but while that level of reductionism might be cleaner, it prevents deeper analysis.
As per the survey results, if businesses are looking to enrich their cybersecurity posture, the two ways to make the quickest gains are to employ skilled personnel and to ensure adherence to data protection governance applicable in the local territories. Those gains have been realized over the last couple of years by those businesses that were not classifiable as the “high performance” when it came to cybersecurity.
The measure of cybersecurity breaches identified by the Institute might alarm the readers. Incidents that made it into the survey were classified as “causing significant disruption,” or involved the loss of over a thousand personal records of customers or employees. That seems like setting the bar high, considering that the cybersecurity personnel will be aiming to be 100% watertight. And over the last two years since the last survey of this type, there has been a nominal fall in the total number of such cyber incidents.
The survey respondents also quoted the existence of the data silos as one of the major issues. On that note, the issues seemed to arise from the multiplicity of cybersecurity data and tools, rather than from more generalized demarcation of data repositories between different business functions – HR’s data not getting amalgamated with the Logistics’ data, for example, was not the actual problem.
Reducing the number of cybersecurity tools only provided marginal gains with better response times and effectiveness. There were significant gains to be incurred by creating coherent interactions between multiple tools, the survey respondents admitted. While the logic of this is irrefutable, as the type of functionality might be the most effective way to be achieved by working with what the cyber teams already have, rather than sourcing “the one platform ruling them all.”
The survey had a proportion of obviousness – the need for better and precise planning – and this serves here to reflect on the resources and shortage of budget that is available to most cybersecurity teams. Planning and the production of “playbooks” for successful cyber threats take time, money, and efforts.
The most common playbooks to be successfully implemented were around malware and DDoS attacks, with pre-emptive activity such as the anti-phishing measures receiving minimum resource allocation, confirmed the survey’s respondents.
Like many of the Ponemon Institute’s research papers and surveys, the latest example is sponsored by a commercial company.
The intended message of the survey is to highlight that regardless of being heard countless times before that, the “cybersecurity teams need more cash and more people” – the request often goes unattended.