In this new digital era where more and more work is done remotely, we are increasingly exposed to attacks from cybercriminals. Recent research has revealed that the cybersecurity market is failing due to ineffective technology. The Debate Security investigation was based on more than 100 in-depth interviews with business leaders and CISOs ( Chief Information Security Officer ) responsible for the security of the most important organizations. Today in this article we show you a summary of their conclusions.
The report offers us a vision of the efficiency problems in the cybersecurity market, these problems are mainly due to economic problems, and not to technological problems.
The cybersecurity problem is economic
This study revealed that 90% of the highly qualified interviewees believed that one of the main causes of this problem was that technology was not as effective as it should be in protecting organizations from cyber risk.
Right now, confidence in technology to solve problems is low. A worrying fact is that, when companies were asked how they evaluate the performance and effectiveness of cybersecurity, there was no consensus and each had a different opinion on the matter.
Currently there has been a strong focus on improving people to avoid human error and improve processes. However, one thing that is not positive is that ineffective technology has been accepted as normal and inevitable.
92% of the participants reported that there is a break in the market relationship between buyers and suppliers. Additionally, few buyers today use detailed, independent cybersecurity effectiveness assessments as part of their cybersecurity procurement process. Furthermore, the largest companies commented that they did not have sufficient resources to carry out all the assessments themselves.
As a result, vendors tend to focus on other product features, such as marketing, and neglect the effectiveness of cybersecurity technology to some extent. This is one of the ways cybersecurity is failing.
How to improve cybersecurity
One relevant aspect to comment on is that companies are spending more and more on security. This graph appears in the report, which shows the increase in cybersecurity costs in recent years.
Despite the fact that each year companies have invested more in cybersecurity, this has not been reflected to the same extent. Thus, it can be seen that cybersecurity is failing due to the use of ineffective technology. The solution happens because buyers demand greater efficiency . However, as this does not always happen, you can make regulation the only way to overcome the problem.
Therefore, many participants in the report agreed that coordinated action among all stakeholders can only be achieved through regulation . However, some interviewees held out hope that coordination could be achieved through sectoral associations.
Another interesting fact is that 70% of those surveyed believed that an independent and transparent evaluation of the technology would help improve the current situation.
We must seek efficiency in cybersecurity
The participants in this report largely agree that four characteristics are needed to make cybersecurity technology effective. In this sense, cybersecurity solutions must:
- Comply with the established safety mission, that is, be adequate for what they have been designed for.
- They must be practical so that companies can implement, integrate, operate and maintain them.
- Have quality in design and construction to avoid vulnerabilities and negative impacts.
- That the supplier company, its people and supply chain do not present additional security risks.
Ciaran Martin, Garrison Technology’s advisory board, thinks that a real problem is that in today’s cybersecurity, trust and good security don’t always sell. In short, cybersecurity is failing and we need to improve technology efficiency, experts believe that regulation could be an effective solution.