Cybersecurity focused only on prevention puts organisations at risk

The growing wave of cyber attacks is showing day by day that the old ways of defense are no longer as effective. Cybercriminals are increasingly relying on sophisticated techniques to invade the IT environments of organisations of all sizes and sectors. And, as if this were not enough, the recent acceleration of digital transformation processes in recent years has been expanding the attack surface, opening new opportunities for attackers to act.

A recent report generated from a survey of cybersecurity leaders sponsored by Vectra AI, a company specializing in Artificial Intelligence-based threat detection and response, revealed that almost all respondents (92%) felt highly pressured faced with the task of keeping their organisations protected from cyber attacks in the past year.

“The current threat landscape is dynamic and volatile, so there is no total protection. There are many attack vectors that can be exploited and many assets are under-managed and under-protected. On the other side, cybercriminals rely on advances in malware, automated toolkits and ‘as-a-service’ break-in models that have opened the door even for technology novices. That’s why hunting attackers hiding in networks is like finding needles in a haystack,” explains Tim Wade, deputy chief technology officer at Vectra AI.

Much of the pressure experienced by cybersecurity leaders in enterprises has to do with the fact that they cannot keep up with the tactics, techniques and procedures of cybercriminals.  An 83% share of respondents believe that traditional approaches no longer protect against the latest threats. In addition, the survey highlighted that legacy ‘prevention-centric’ pipelines put organizations at risk.

Recent advances in attack methods allow attackers to bypass prevention technologies, such as multifactor authentication, with relative ease. However, old prevention-centric thinking remains prevalent, with preventative measures that taken alone are not sufficient. Moreover, the common belief remains that if a hacker can gain network access, the enterprise is lost.

An indication of this view comes from 50% of respondents who said they spend more on prevention than detection. Just over a fifth (23%) invest more in detection and less than a third (31%) about the same on both fronts.

“While organisations should try to make life as difficult as possible for attackers, prevention should not detract from detection. In a high-stakes game where criminals have many cards up their sleeves, detection and response to intrusions are the best means to quickly minimise the impacts of any incident,” says Wade.

Added to this is the fact that 71% of respondents feel that companies’ cybersecurity innovation is years behind that of hackers. Another 71% also feel that organization guideline, policies and tools are not catching up with those of cybercriminals. Making matters worse, more than three-quarters (79%) of cybersecurity leaders reported buying tools that did not live up to their promises, failing to detect more sophisticated attacks and exhibiting poor integration with other tools.

However, it is not just the old way of thinking and acting within cybersecurity departments that is exposing organisations to risks. Hierarchical postures and corporate culture can also create negative impacts. For 83% of respondents, decisions involving cybersecurity take are influenced by relationships between management and established vendors. More than half (54%) said they feel a decade behind when it comes to cybersecurity discussions.

These numbers highlight the need for cybersecurity teams to try to educate senior management new threats and more effective defense strategies. The task will not be easy, as nearly two-thirds (61%) of respondents commented on the difficulty of communicating the importance of cybersecurity to senior management because it is difficult to measure. The study’s suggestion is to seek to align specific security metrics with business objectives, quantifying them based on risk.

Vectra AI’s research surveyed 1,800 cybersecurity decision makers in organisations with more than 1,000 employees in France, Italy, Spain, Germany, Sweden, Saudi Arabia and the United States and with more than 500 employees in the Netherlands, Australia and New Zealand.