Security professionals are placing a higher priority on vendor consolidation while also displaying more confidence in cloud-based security, according to a report by Cisco.
Cisco recently published its fifth annual 2019 CISO Benchmark Study to check the pulse of the security industry by surveying more than 3,000 security experts.
The latest results showed that security professionals were placing higher priority on vendor consolidation, collaboration between networking and security teams, and security awareness exercises.
In the latest survey, the trend away from point products to vendor consolidation continued. Two years ago, 54% of the survey of respondents cited 10 or fewer vendors in their environment, which increased to 63% in the latest survey.
In many environments, multiple vendor solutions aren’t integrated, which means they can't share alert triage and prioritization. The survey results showed that even those chief information security officers (CISOs) with fewer point solutions could better manage their alerts through an enterprise architecture approach.
In order to address some of the ongoing complexity issues, a large number of CISOs were more confident that moving to the cloud would improve their security efforts. In the survey, 93% of the CISOs reported that migrating to the cloud increased efficiency and effectiveness for their teams.
On the flip side, some CISOs expressed a decreasing reliance on newer technologies, such as artificial intelligence.
Sixty-five percent of the respondents had difficulty determining the scope of a compromise, containing it and remediating the issues. The unknown threats that exist outside the enterprise in the form of users, data, devices, and apps were also a top concern for CISOs. To help address these challenges, and better protect their organizations, of those surveyed:
- 44% increased investment in security defense technologies.
- 39% are training employees in security awareness.
- 39% focused on implementing risk mitigation techniques.
“This year, more than ever CISOs are taking a much more proactive role in reducing their exposure through consolidation and training, as well as investments in critical technologies, for cyber defense and breach containment, but there is still more to do,” said Steve Martino, Cisco's senior vice president and chief information security officer, in a prepared statement. “You can’t protect what you can’t see, and security leaders are still struggling to gain greater visibility across their organization and into threats."