Despite economic uncertainties, security software projects and investments are top of chief information officer priority lists as they confront evolving threats and recognize the value of taking a proactive, comprehensive approach. In this article, we’ll look at why a comprehensive approach to cybersecurity is so important, and how your organization can do more with less during uncertain times.
We’ve seen rapid increases in the volume, severity, and sophistication of cyberattacks, along with a growing breadth of targets. In the past, threats were largely confined to specific sectors or were considered to be more manageable reactively.
People are now the primary attack vector and represent the greatest vulnerability to an organization’s security. A recent industry study found that identity-driven attacks accounted for 61 percent of breaches. The risk-to-return ratio makes these human-centered attacks irresistible for cybercriminals. For example, password-spray attacks cost an attacker almost nothing and can yield invaluable access to business information. Phishing remains the most prevalent form of cyberattack, with business email compromise potentially the most costly. From the time your business email is compromised, it takes only an average of one hour and 12 minutes for an attacker to access your private data.
Our internal defender community continues to track the rise of ransomware as a service. This retail approach to cybercrime lowers the barrier to entry because it requires virtually no technical skills.
It’s clear the threat landscape we face requires new approaches. A new research finds that 72 percent of chief information security officers at organizations with more than 1,000 employees believe that having a comprehensive set of products that spans security, compliance, and identity is “extremely or very important.” A new research shows that large organizations have an average of 75 security solutions. Clearly, there’s a growing recognition among cybersecurity leaders that managing multiple vendors can be burdensome for an IT team. Worse, patchwork solutions can create dangerous blind spots by leaving valuable security insights siloed in separate dashboards. This kind of fragmented visibility provides an opportunity for threat actors.
Experts predict the global workforce will need to hire and train roughly 3.4 million cybersecurity professionals to defend the growing digital space. Unfortunately, many groups are still underrepresented in this crucial profession. Less than 25 percent of the cyber workforce are women and, in 2021, only 9 percent of cybersecurity workers were Black and only 4 percent Hispanic.
One year ago we announced our first major milestone. That was an inspiring accomplishment, but we couldn’t have done it alone. Even as the digital world grows and threats continue to multiply, I’m constantly encouraged by the creativity, determination, and can-do spirit displayed by our partners and customers. The move to a multi-platform environment continued to bring new security challenges. I’m looking forward to learning from all of you and forging stronger relationships in the year ahead.