Many security teams are prioritizing prevention over detection, with disastrous results
>
When it comes to securing the premises, most companies prioritize prevention over detection, investigation and response, a new report finds. However, as a result, large numbers of businesses are affected by data breaches or other attacks, with incidents getting worse and worse.
Exabeam researchers surveyed 500 IT security professionals and found that approximately two-thirds of respondents (65%) prioritize prevention as their number one endpoint security (opens in new tab) goal.
For a third (33%), detection had the highest priority.
Late to the party
To make matters worse, the companies actually act on this thought. Nearly three-quarters (71%) spend between 21% and 50% of their IT security budgets on prevention, while 59% invest the same amount as on detection, investigation, and response.
The problem with this approach, according to Exabeam’s Chief Security Strategist, Steve Moore, is that the firms focus on prevention with crooks already inside, making their efforts futile.
“As is well known, the real question is not whether attackers are on the network, but how many there are, how long they have had access and how far they have gone,” says Moore. “Teams need to raise awareness of this question and treat it as an unwritten expectation to realign their investments and where they need to perform, paying due attention to adversary alignment and response to incidents. Prevention has failed.”
When asked if they are sure they can prevent attacks, most respondents answered yes. In fact, 97% said they were confident in their tools and processes to prevent and identify intrusions and data breaches.
When asked if they could easily tell their boss that their networks hadn’t been hacked at the time, only 62% answered yes, meaning more than a third were unsure.
In other words, says Exabeam, security teams are overconfident and have data to back it up. Citing industry reports, the company claims that 83% of organizations experienced more than one data breach last year.