A global survey of IT professionals reveals that the vast majority of organizations lack tools to detect known security threats and close existing security gaps. More than half of IT pros indicated their security program lacks proper executive support.
In a survey of more than 300 security professionals and executives, LogRhythm researchers sought to find the root causes of stress for security teams, and solicited feedback on how IT pros believe they can fix their problems. It found 75% of security professionals now experience more work stress than two years ago, and 93% lack the tools to detect known security threats. In another key finding, 92% state they are still in need of appropriate preventative solutions to close current security gaps.
Working with executives is a drag
Asked what causes the most work-related stress, respondents primarily said a lack of time (41%) and working with executives (18%). Pressed to expand on the latter response, 57% of respondents said their security program lacks proper executive support — defined as providing strategic vision, buy-in and budget.
Security professionals further cited inadequate executive accountability for strategic security decisions (42%) and said it was the top reason they want to leave their job.
“An alarming statistic, given nearly half of companies (47%) are trying to fill three or more security positions,” the researchers said.
Not the first study to uncover these harsh truths
A Bitdefender survey of more than 6,000 infosec professionals in large organizations across the US, EMEA and APAC produced similar findings last year. 42% of the infosec C-level executives said a lack of proper security tools within their organizations was the main obstacle to rapid incident detection and response. Asked if they’d ever been kept awake at night worrying their company might get hacked, 49% answered “sure” without hesitation. 33% said their biggest stressor was a shortage of cybersecurity staff. And over half of respondents admitted they were considering leaving their current job due to stress, understaffing and insufficient budgets.
Accidental, redundant security deployments
In the LogRhythm report, 68% of respondents admitted their organization has deployed redundant security tools, and 56% confess this overlap is accidental, suggesting that at least some portion of the cybersecurity budget goes out the window.
Asked what additional support their security programs require, 58% of respondents said they still need increased funding for tools.
Security pros rate the value of solution consolidation highly, citing benefits like less maintenance (63%), faster issue detection (54%), identification (53%), and resolution (49%), as well as lower costs (46%) and improved security posture (45%). Unfortunately, only one in three companies has a real-time security dashboard that offers a clear, consolidated view of all their security solutions, the research reveals.
What could fix it?
Managed Detection and Response (MDR) solutions seek to alleviate these woes through a SOC-driven 24/7 service that leverages monitoring, advanced analytics, threat intelligence, and human expertise in incident investigation – all to keep threat actors out of customer environments
Bitdefender MDR includes endpoint prevention and detection, endpoint risk analytics, network traffic analytics, threat hunting and security policy tuning, all integrated with a best-in-class threat intel engine.