Keysight just released their Security Operations Effectiveness survey which was commissioned from Dimensional Research from 307 participants that strategize, architect, manage and operate enterprise security solutions completed the survey. Participants were from all five continents. They represented large (48%), medium (41%), and small (11%) organizations across a wide variety of industries. Researchers administered the survey electronically, and participants were offered a token compensation for their participation.
A strong majority of security professionals surveyed, 86% of respondents, recognize value in security test solutions that can actively test their company’s security products and posture, using both internal and external attack vectors.
75% have had breaches and the majority of the rest did not and 4% did not know.
Other findings are as follows:
- Good security tools don’t always protect as expected: 50% of survey respondents stated they found their security solution was not working as expected after a breach had occurred.
- Most organizations don’t verify their security is working as it should: Only 35% of respondents have test-based evidence to prove their security products are configured and working correctly.
- Most organizations recognize the value of security testing: 86% of respondents stated they would value a solution that finds and helps to remediate vulnerabilities in a company’s security posture.
“Even the best security products can’t keep you safe unless they are properly configured,” said Doug Close, senior vice president of cybersecurity at IT solutions provider Sayers. “Being able to automatically simulate attacks, detect security gaps and receive detailed recommendations gives customers a powerful advantage both for bridging gaps and improving day-to-day security operations.”
Those surveyed indicate that they are concerned about security against an ever-increasing attack surface; they worry about insider threats with 66% worried about infected employee devices; while 34% worried about a low-security staff skill set. 55% percent of those surveyed also worry about the risk of external attacks.
These figures reveal that security professionals are overconfident in their security infrastructure. While they believe that their security tools are working, the operational reality is very different. Cyberattacks are taking place with solid security tools in place.
Join others with $25B+ in IT buying power who plan 2020 budgets! Including 3,000+ resellers!
It is the must-attend MSSP event!
June 22-25, 2021, Miami, FL. Register now.