Independent study uncovers biggest security challenge companies face
26 September 2019, New York and London: Panaseer, the first Continuous Controls Monitoring platform for enterprise cybersecurity, today released the results of a July 2019 study conducted by Forrester Consulting titled "Cybersecurity Requires Controls Monitoring To Ensure Complete Asset Protection."
About the report
The findings reveal that the key challenge facing security leaders and putting their organizations at risk of a breach is misplaced confidence that the abundance of technology investments they have made has strengthened their security posture.
The study surveyed over 250 senior security decision-makers in North America and Europe. Participants included CISO, CIO, IT, and security VPs from organizations ranging from 3,000 to over 25,000 employees.
Currently, security leaders employ a variety of tools and technologies to identify risks and test the effectiveness of their security controls. As a result, security leaders are left with point-in-time assessments that require them to cobble together data from disparate systems to truly understand the organization’s security posture. This approach is reactive, labor-intensive, and insufficient in scale. This has led to a disparity between appearance and reality, whereby security decision-makers are being given a false state of confidence. 86% are confident or very confident they have no gaps in their security controls deployed across devices, applications, people, and data.
However, the complexity of today’s IT infrastructures and the heterogeneity of enterprise security tools make it difficult for security pros to protect their environments. 97% experience challenges with their tools because they take a traditional reactive approach to fighting cybersecurity threats. When asked about the biggest challenges that they face with the security tools, the top responses include:
- Controlling coverage gaps across security functions (56%)
- Viewing a comprehensive list of assets across the organization (43%)
- Collecting, normalizing, aggregating, deduplicating, and correlating disparate data (39%)
- Tracking which assets and controls do not meet regulatory and compliance policies (39%)
- Determining the effectiveness of security controls (38%)
- Getting a real-time view of corporate risks (37%)
- Tracking performance of security controls over time (37%)
As the Forrester Consulting study cites: “Rightfully, companies are prioritizing their security and risk initiatives and investing in multiple technologies. Unfortunately, technology investments have provided a false sense of confidence in their security posture. Security leaders must understand that a proactive approach to cybersecurity requires the right tools, not more tools.”
As threat levels increase, 64% of companies are making it a high or critical priority to implement a risk framework aligning cybersecurity risk and enterprise risk. However, the study identifies that one in five do not have a centralized approach for risk management.
Nik Whitfield, CEO, Panaseer: “Traditional security tools are insufficient for proactive cybersecurity as they don’t provide a complete, real-time view of cybersecurity risk. Threats are becoming more advanced, attackers are savvier and regulation is tightening. This has created a clear market requirement for automated continuous controls monitoring, a new category of solution that provides real-time visibility of assets. The ability to make informed operational security decisions based on trusted security data and metrics will enable security leaders to have real and validated confidence that the company and customer data is protected.” Download a full copy of the Forrester study on Continuous Controls Monitoring.
Methodology
To create the study, Forrester Consulting supplemented research with custom survey questions asked of 254 C-level or VP security decision-makers at global enterprises in finance, healthcare, and retail verticals. The custom survey began in May 2019 and was completed in July 2019.
About Panaseer
Panaseer is the first Continuous Controls Monitoring platform for enterprise cybersecurity. It helps businesses make informed risk-based security decisions using technology that cleans, normalizes, aggregates, de-duplicates and correlates data from any security data source, creating a continuous feed of unified asset and controls insights.
Established in 2014 by Nik Whitfield – a cyber-security thought leader with extensive cyber-security and FinTech experience. Panaseer’s clients include the world’s largest financial institutions and critical infrastructure enterprises. The company recently scooped the award Europe’s Hottest CyberTech Startup at the Europa’s awards, which is held in partnership with TechCrunch.