Does traditional security protect against modern threats?

Vectra, a leader in threat detection and response, has uncovered how today’s organisations are tackling modern cyber threats.
According to McKinsey, experts believe that during the course of 2020, many companies were pushed over a “technology tipping point” which accelerated digitisation by several years. But the same digital transformation that is powering innovation is also expanding the attack surface.
Vectra’s Security Leaders Research Report found that 89% of respondents think traditional approaches don’t protect against modern threats and that ‘the game needs to be changed’ when it comes to dealing with attackers. The report surveyed 200 IT security decision-makers working at organisations with more than 1,000 employees in the UK.
Is rapid digital transformation leaving gaps in security?
Many respondents to Vectra’s report felt that the industry is falling behind. 89% acknowledged that legacy approaches don’t protect against modern threats, and that we need to “change the game when it comes to dealing with attackers”. This was echoed by the fact that 69% think that cybercriminals are leapfrogging current tools and that security innovation is years behind that of the hackers.
A further 72% feel security guidelines, policies and tools are failing to keep pace with threat actor TTPs. It is perhaps unsurprising that more than three-quarters (76%) of security leaders reported they have bought tools that failed to live up to their promise, with integration and lack of visibility cited as key reasons.
Garry Veale, Regional Director, UK & Ireland at Vectra, commented: “Digital transformation is driving change at an ever-increasing pace. Yet companies are not the only ones innovating. Cybercriminals are too. As the threat landscape evolves, traditional defences are increasingly ineffectual. Organisations need modern tools that shine a light into blind spots to deliver visibility from cloud to on premise. They need security leaders who can speak the language of business risk. Boards that are prepared to listen. And a technology strategy based around an understanding that it’s ‘not if but when’ they are breached.”
Prevention vs detection
Of the 78% of respondents that experienced an event requiring a significant incident response, just over half (57%) were alerted to the problem by their security tools. This is a positive development compared with 2015, when research indicated that 70% of breach incidents were discovered by a third party.
Over a quarter (27%) of respondents said they’re very confident their portfolio of tools could detect and protect them against the kinds of threats used in the Kaseya, SolarWinds and JBS attacks. A further 25% said they were fully confident that they have visibility of all threats facing their organisation.
Two-thirds (65%) of respondents still believe prevention is more important than detection — believing that if a hacker manages to gain access to a corporate network, the company has already lost. As a result, 46% said they spend more on prevention than detection, with only a fifth (23%) spending more on detection and a third (31%) roughly the same.
“With the security landscape rapidly evolving and becoming increasingly complex, more often than not the attackers hold the advantage. This means security leaders must adopt a fresh approach to security that revolves around detection and response, while moving away from prevention-first strategies,” concludes Veale. “This new approach to security can create the right conditions for effective cyber-risk management but in order for the wider security industry to embrace this pro-active culture, there needs to be greater communication and consultation amongst both the board and regulators to ensure all parties are reading from the same script.”