Nearly 80% have purchased tools that have failed them and three-quarters believe they could have been unknowingly breached.
The majority of companies with more than 1,000 employees have experienced at least one “significant” security event requiring a response in the last year. Between February 2021 and February 2022, this has happened to 74% of the organizations surveyed by Vectra AI.
In its global Security Leaders Research Report survey of cybersecurity managers, an even higher number of companies, 92 %, confirm that they have felt increased pressure during this time to keep themselves safe from cyberattacks.
Eighty-three percent believe that traditional approaches are not sufficient to protect against modern threats and believe that the rules of the game need to be changed. In fact, 71% say that criminals are able to bypass the barriers of today’s tools, so security innovation would lag years behind the sophistication of malicious hackers.
Prevention-focused strategies remain prominent, failing to contain breaches. “While organizations should try to make life as difficult as possible for an attacker, prevention should not come at the expense of detection,” explains Tim Wade, Associate Director of Technology at Vectra AI. “If a cybercriminal gains access to a corporate device or network, there are still several stages in the attack chain that they must complete before they reach their target. In a high-risk game where the bad guys hold many winning cards, detection and response are the best option to minimize the impact of any breach as early as possible.”
Moreover, “companies are not the only ones innovating. Cybercriminals are too,” warns Wade. That’s why companies need to understand that “it’s not a matter of ‘if,’ but ‘when’ they are breached.”
Virtually 8 out of 10 organizations have purchased tools that have failed on occasion. Behind this are issues such as poor integrations, inability to detect modern attacks and lack of visibility. Another obstacle is the shortage of cybersecurity talent.
Another takeaway from the Vectra AI report is that nearly 3 out of 4 companies agree that they may have been breached without being aware of it. Forty-three percent say this is “likely”.