One recent survey seems to indicate this dangerous trend.
Half of the respondents of a recent Security Operations Effectiveness survey (Nov 2019) reported experiencing a security breach because one or more of their security products was not working as expected.
Just over half (57%) of security professionals were confident that their current security solutions are working as intended. Yet only 35% of respondents stated that they conduct testing to ensure their security products are configured and operating as they expect.
About 86% of respondents see strong value in security solutions that can actively test their company’s security products and posture, using both internal and external attack vectors.
Said Scott Register, vice president of security solutions at Keysight’s Network Applications & Security Group (formerly Ixia Solutions Group), which commissioned the survey: “Enterprises are faced with a continuous stream of cyberattacks that threaten their businesses, and in many cases they attempt to deal with these by buying more security tools. Yet they don’t know whether these products are delivering the protection they expect. The disconnect is when good security tools are misconfigured or security teams lack the skills to use their tools.”
According to Register, this situation leads to overspending on overlapping tools and compromises an organisation’s security posture. Ongoing testing of security solutions would give organisations the proof and confidence that they are protected, but also would provide the opportunity to save resources.”
Key findings from the survey include:
- Organisations are breached often: 75% of respondents said their company had experienced a security breach (unauthorized intrusion, malware, hack etc), and 47% have experienced three or more breaches in the last three years.
- Good security tools do not always protect as expected: 50% of survey respondents stated they found a security solution was not working as expected after a breach had occurred.
- Most organisations
do not verify their security is working as it should:
Only 35% of respondents have test-based evidence to prove their security products are configured and working correctly.
- Only half of organisations practice breach responses: 49% of respondents stated they actively practice how to remediate and respond to security incidents.
- Overlapping security product functions waste budgets and time: 66% of companies are using security solutions whose functions overlap, and for 41% of respondents this overlap is unintentional, wasting security budgets and management time without strengthening the organisation’s security posture.
- The value of security testing: 86% of respondents stated they would value a solution that finds and helps to remediate vulnerabilities in a company’s security posture. 79% of those surveyed would remove a security product from their infrastructure if they could prove it wasn’t effective.
A total of 307 participants who strategize, architect, manage and operate enterprise security solutions participated in the survey. Participants were from all five continents. They represented large (48%), medium (41%), and small (11%) organizations across a wide variety of industries.