Security teams expect breach and incident reporting requirements to create more work
Most IT security professionals will focus on improving “detect” and “respond” capabilities, amidst concern over increasing costs and regulatory pressures, according to Deepwatch.
The report found that digital transformation initiatives and regulatory requirements were the top two cost drivers expected for 2023. 78% of security professionals expect breach and incident reporting requirements to create more work for their teams, and 77% expect increased work from privacy requirements.
“Regulatory developments around both incident reporting and privacy will undoubtedly continue to ramp up in 2023,” said Bill Bernard, AVP, Security Strategy at Deepwatch.
“Between differing perspectives on reporting timelines and the multiple agencies and authorities involved, breach notification compliance will be complex and challenging for security teams. On the privacy side, security professionals who typically don’t consider themselves privacy professionals will need to play a role in enforcing various controls stemming from multiple privacy requirements emerging across numerous states, countries and governments,” added Bernard.
Cybersecurity insurance is another cost concern for 78% of security professionals. 39% said it’s already too expensive, and another 39% said that while they believe cyber insurance offers value today, that won’t be the case if prices go up further.
To keep up with rising threats, most security teams are prioritizing investments in the “respond” (46%) and “detect” (42%) functions of the NIST framework. 95% of security professionals cited continued staffing challenges, and 82% either have or are considering managed services.
“Many organizations still struggle to mature security programs beyond the hardening strategies with strong detection and response capabilities,” added Bernard.
“While we all want to do our best to minimize the attack surface as much as possible, we know the attack surface cannot be totally eliminated. In today’s landscape, every enterprise should be monitoring environments 24/7/365. Running a security operations center internally is a huge undertaking, and many are not only alleviating that workload through managed detection and response (MDR) partners but they are also getting increased efficacy from MDR specialists that are built to give the highest fidelity alerts and rapid response actions to contain threats swiftly,” concluded Bernard.