Automation, visibility remain biggest issues for cybersecurity teams

Organizations still do not have necessary levels of automation or visibility within their cyber terrain, especially as security stacks grow and are underutilized, Fidelis Cybersecurity’s annual State of Threat Detection Report has shown.

Without automation to gather data and give context to security incidents, or visibility to root out threats hiding in the network, organizations’ overall levels of risk increase while their confidence suffers.

Key findings

Of the 300 respondents – CISOs, CIOs, CTOs, architects, engineers, and analysts across the finance, healthcare, public sector, federal industries – 57.43 percent shared that a lack of automation was a pressing concern for their organization, making it the top priority. This was closely followed by a lack of visibility, which had a pressing impact on 53.39 percent of organizations.

Most organizations are adding more point solutions, dealing with higher levels of network traffic, and working with more connected devices than ever according to the research. Yet often this is done in an urgent and reactive manner, without the necessary time and training to understand the full capabilities of the solution or assurance that they full integrate with the security stack for full interoperability. The result? Major security gaps and underutilized stacks.

The report also revealed the following:

• Confidence in security defenses have a ripple effect – Nearly half of respondents (49.02%) don’t have visibility of their entire cyber terrain and over half (55.03%) don’t have control over blind spots which lowers their confidence in their organization’s ability to identify insider threats.
• Majority of organizations admit they are not using their stack to its full potential – Only 6.54% of all organizations surveyed believe they are using their full security stack to its full capability. Good news is that most organizations realize that this is a problem, with 78% of respondents replying that they have, or are planning to consolidate their security stack.
• Threat intelligence and threat hunting remain an imperative – Over half of those surveyed do not engage in threat hunting with top reasons being a lack of time (49.11%) or a skills gap (41.42%), but 70% believe it’s necessary in today’s cyber landscape.
• Only 45.80% reported that they had threat intelligence tailored to their organization

“Organizations can’t stop their terrain from growing but they can control what they add to their security stacks for their overly burdened security teams. This research shines a light on organizations’ need to consolidate stacks and the need for interoperability and unified platforms,” says Craig Harber, Fidelis CTO.

“While there’s still a lot of work to be done, organizations need to take a terrain-based defense strategy – even in how they maintain and build their stacks – to ensure the increased context and visibility required to facilitate detections and overall security posture.”