92% of cybersecurity leaders say that growing IT complexity makes security more challenging
Brian Gleeson, Head of Infinity Product Marketing, Check Point
As the world becomes more connected and networks continue to evolve, securing IT environments has become increasingly complex. To combat these attacks businesses deploy multiple point solutions, many of which focus on detecting and mitigating threats rather than preventing them before they breach enterprise networks. This reactive approach to cyber-attacks is costly and ineffective, complicating security operations, and creating gaps in the security posture of an enterprise.
To better understand the current climate Check Point commissioned Dimensional Research* in April 2020 to survey 400 global security leaders to capture hard data on their attitudes about the state of cyber security in their organisations.
Challenges facing the enterprise
- Increased complexity.92% of the cybersecurity professionals polled said that growing IT complexity makes security more challenging. Attack surfaces have expanded as organisations adopt public cloud computing, SaaS applications, enabling mobility, and supporting remote work as a result of COVID19.
- The threat landscape. 91% of survey respondents said they see an increase in the sophistication of cyber attacks. Check Point researchers have also seen attackers use creative ransomware tactics and new types of cloud attacks.
- There’s a global cybersecurity skills shortage.Security teams today are frequently understaffed and overwhelmed trying to meet dynamic business needs while protecting their organisations against attacks. According to Gartner, the current skills shortage will increase and it will become more difficult recruiting experienced security professionals.
- Too many security solutions.99% of the companies surveyed use solutions from multiple security vendors and agree that managing them is challenging and makes securing their organisation more complex. Most organisations don’t upgrade their security systems fast enough and use aged solutions that cannot defend against the current generation of attacks. Managing and integrating multiple solutions from different vendors takes time, resources, training, operation overhead, and increased budget – all things most security teams are in short supply of.
The five criteria for an effective cyber security architecture
Organisations need to adopt a holistic cyber security strategy that addresses today’s security challenges by eliminating complexities and inefficiencies, sealing security gaps, and protecting their organisations from both known and unknown threats.
A modern approach to today’s security challenges includes:
- A consolidated architecture: By embracing a consolidated architecture that enhances security coordination and effectiveness, organisations will improve security and save budget used to integrate multiple, siloed solutions. A unified architecture will reduce operational overhead and more easily allow organisations to address many of the security challenges they face today.
- Prevention technology: Adopting an active threat prevention approach enables organisations to block attacks before they can cause damage to their systems. With the increase in the sophistication of attacks, volume, and speed, relying on detection-only technology and human remediation can be disastrous.
- Automation and planning: Security protections need to work at machine speed to stop malware that operates in milliseconds. Real-time automatic updates of all enforcement points is critical to protecting the sheer number of attack surfaces at most organisations. Automating processes creates efficiencies and improves security team effectiveness.
- Visibility and control:For security teams to react in real time to prevent cyberattacks and minimise the damage to their organisation a single view of the entire environment is needed to improve visibility and control. A centrally managed security infrastructure eliminates visibility silos and helps improve defences.
- Agility and enablement: In today’s business environment waiting for a security team to secure a new app or cloud environment is not always acceptable. In many cases, DevOpps teams will release solutions without proper security rather than waiting. Security teams need to operate at the same speed and effectiveness as other parts of the organisation and serve as a business enabler.