Eighty-six percent of respondents in a survey are confident or very confident they have no gaps in their security controls deployed across devices, applications, people and data, according to a Forrester Consulting Study, commissioned by Panaseer.
"However, the complexity of today’s IT infrastructures and the heterogeneity of enterprise security tools make it difficult for security pros to protect their environments," says the study. The majority (97 percent) experience challenges with their tools because they take a traditional reactive approach to fighting cybersecurity threats, says the report. When asked about the biggest challenges that they face with the security tools, the top responses include:
- Controlling coverage gaps across security functions (56 percent)
- Viewing a comprehensive list of assets across the organization (43 percent)
- Collecting, normalizing, aggregating, deduplicating and correlating disparate data (39 percent)
- Tracking which assets and controls do not meet regulatory and compliance policies (39 percent)
- Determining the effectiveness of security controls (38 percent)
- Getting a real-time view of corporate risks (37 percent)
- Tracking performance of security controls over time (37 percent)
As threat levels increase, 64 percent of companies are making it a high or critical priority to implement a risk framework aligning cybersecurity risk and enterprise risk. The study identifies that one in five do not have a centralized approach for risk management.
When asked what technologies, if any, does their company use to identify and understand enterprise risk, the top responses include:
- Security analytics platform - 83 percent
- Security information and event management (SIEM) technology - 80 percent
- Vulnerability management technology - 70 percent
- Governance, risk and compliance platform - 64 percent
- Vendor risk management technology - 61 percent
- Third-party risk intelligence feeds - 57 percent