{"id":20362,"date":"2020-02-25T00:19:10","date_gmt":"2020-02-24T18:49:10","guid":{"rendered":"https:\/\/www.technologyforyou.org\/?p=20362"},"modified":"2020-02-25T00:19:10","modified_gmt":"2020-02-24T18:49:10","slug":"cisco-2020-ciso-benchmark-report-shows-increased-investment-in-cloud-security-and-automation-technologies-to-combat-complexity","status":"publish","type":"post","link":"https:\/\/www.technologyforyou.org\/cisco-2020-ciso-benchmark-report-shows-increased-investment-in-cloud-security-and-automation-technologies-to-combat-complexity\/","title":{"rendered":"Increased Investment in Cloud Security and Automation Technologies to Combat Complexity"},"content":{"rendered":"<ul>\n<li><span style=\"font-family: 'trebuchet ms', geneva, sans-serif;\">Executive leadership still considers security a high priority along with other indicators such as clarification of roles, establishing clear metrics, and cyber risk assessments.<\/span><\/li>\n<li><span style=\"font-family: 'trebuchet ms', geneva, sans-serif;\">Report shows increased challenges when managing and securing multi-vendor environments, cloud infrastructure, mobile devices, and unpatched vulnerabilities.<\/span><\/li>\n<li><span style=\"font-family: 'trebuchet ms', geneva, sans-serif;\">86 percent of security professionals say utilizing cloud security has increased visibility into their networks.<\/span><\/li>\n<\/ul>\n<p><span style=\"font-family: 'trebuchet ms', geneva, sans-serif;\"><strong><span class=\"xn-location\">SAN FRANCISCO<\/span>,\u00a0<span class=\"xn-chron\">Feb. 25, 2020<\/span> :\u00a0<\/strong> On 24th February at <b>RSA Conference 2020,<\/b>\u00a0Cisco published its sixth annual CISO Benchmark Report surveying the security posture of 2,800 security professionals from 13 countries around the globe. The report provides 20 cybersecurity considerations for 2020 \u2013 gleaned from data analysis of survey results and a panel of Advisory CISOs.<\/span><\/p>\n<h3><span style=\"font-family: 'trebuchet ms', geneva, sans-serif;\"><b><span style=\"color: #003366;\">Complexity Continues to be Cybersecurity&#8217;s Worst Enemy\u00a0<\/span><br class=\"dnr\" \/><\/b><\/span><\/h3>\n<p><span style=\"font-family: 'trebuchet ms', geneva, sans-serif;\">Digital transformation continues to present itself as an opportunity for IT and security leaders to innovate and gain competitive advantage. But it also carries a tsunami of infrastructure change, which often creates new challenges for security professionals with defeating unknown sophisticated threats looming as a top concern.<\/span><\/p>\n<p><span style=\"font-family: 'trebuchet ms', geneva, sans-serif;\">In today&#8217;s security landscape, the average company uses more than 20 security technologies. While vendor consolidation is steadily increasing with 86 percent of organizations using between 1 and 20 vendors, more than 20 percent feel that managing a multi-vendor environment is very challenging, which has increased by 8 percent since 2017. Other notable findings:<\/span><\/p>\n<ul>\n<li><span style=\"font-family: 'trebuchet ms', geneva, sans-serif;\">Forty-two percent of respondents are suffering from cybersecurity fatigue, defined as virtually giving up on proactively defending against malicious actors.<\/span><\/li>\n<li><span style=\"font-family: 'trebuchet ms', geneva, sans-serif;\">Over 96 percent of fatigue sufferers saying that managing a multi-vendor environment is challenging, complexity being the main causes of burnout.<\/span><\/li>\n<\/ul>\n<p><span style=\"font-family: 'trebuchet ms', geneva, sans-serif;\">To combat complexity, security professionals are increasing investments in automation to simplify and speed up response times in their security ecosystems; using cloud security to improve visibility into their networks; and sustaining collaboration between networking, endpoint and security teams.\u00a0<\/span><\/p>\n<blockquote>\n<h3><span style=\"font-family: 'trebuchet ms', geneva, sans-serif; color: #003366;\">&#8220;As organizations increasingly embrace digital transformation, CISOs are placing higher priority in adopting new security technologies to reduce exposure against malicious actors and threats. Often, many of these solutions don&#8217;t integrate, creating substantial complexity in managing their security environment,&#8221; said\u00a0<b><span class=\"xn-person\">Steve Martino<\/span>, Senior Vice President and Chief Information Security Officer, Cisco<\/b>. &#8220;To address this issue, security professionals will continue steady movement towards vendor consolidation, while increasing reliance on cloud security and automation to strengthen their security posture and reduce the risk of breaches.&#8221;<\/span><\/h3>\n<\/blockquote>\n<h3><span style=\"font-family: 'trebuchet ms', geneva, sans-serif; color: #003366;\"><b>The following findings highlight additional CISO challenges and opportunities for improvement :<\/b><\/span><\/h3>\n<ul>\n<li><span style=\"font-family: 'trebuchet ms', geneva, sans-serif;\"><b>Workload protection for all user and device connections across the network was found extremely challenging<\/b>\u2014Forty-one percent of the surveyed organizations found data centers were extremely difficult to defend, and 39 percent said they struggled to secure applications. The most troublesome place to defend data was the public cloud, with 52 percent finding it very or extremely challenging to secure, and 50 percent claiming private cloud infrastructure was a top security challenge.<\/span><\/li>\n<li><span style=\"font-family: 'trebuchet ms', geneva, sans-serif;\"><b>Security professionals struggle to secure the growing mobile workforce and ubiquitous personal devices<\/b>\u00a0\u2014 More than half (52 percent) of respondents stated mobile devices are now very or extremely challenging to defend. Adopting zero-trust technologies can help secure managed and unmanaged devices without slowing down employees.<\/span><\/li>\n<li><span style=\"font-family: 'trebuchet ms', geneva, sans-serif;\"><b>Adoption of zero-trust technologies to secure access of the network, applications, users, devices and workloads needs to increase<\/b>\u2014Only 27 percent of organizations are currently using multi-factor authentication (MFA), a valuable zero-trust technology to secure the workforce. Survey respondents from the following countries showed the highest MFA adoption rates in this order:\u00a0<span class=\"xn-location\">USA<\/span>,\u00a0<span class=\"xn-location\">China<\/span>,\u00a0<span class=\"xn-location\">Italy<\/span>,\u00a0<span class=\"xn-location\">India<\/span>,\u00a0<span class=\"xn-location\">Germany<\/span>, and UK. While micro-segmentation, a zero-trust approach to secure access of workloads, had the least adoption at only 17 percent of respondents.<\/span><\/li>\n<li><span style=\"font-family: 'trebuchet ms', geneva, sans-serif;\"><b>Breaches due to an unpatched vulnerability caused higher levels of data loss<\/b>\u2014 A key concern for 2020 is that 46 percent of organizations, up from 30 percent in last year&#8217;s report, had an incident caused by an unpatched vulnerability. Sixty-eight percent of organizations breached from an unpatched vulnerability suffered losses of 10,000 data records or more last year. In contrast, for those who said they suffered a breach from other causes, only 41percent lost 10,000 or more records in the same timeframe.<\/span><\/li>\n<\/ul>\n<h3><span style=\"font-family: 'trebuchet ms', geneva, sans-serif; color: #003366;\"><b>Security professionals have made positive developments to improve their security posture :<\/b><\/span><\/h3>\n<ul>\n<li><span style=\"font-family: 'trebuchet ms', geneva, sans-serif;\"><b>Collaboration between network and security teams remains high<\/b>\u2014 Ninety-one percent of respondents reported they&#8217;re very or extremely collaborative.<\/span><\/li>\n<li><span style=\"font-family: 'trebuchet ms', geneva, sans-serif;\"><b>Security practitioners are realizing the benefits of automation for solving their skills shortage problem as they adopt solutions with greater machine learning and artificial intelligence capabilities<\/b>\u2014Seventy-seven percent of our survey respondents are planning to increase automation to simplify and speed up response times in their security ecosystems.<\/span><\/li>\n<li><span style=\"font-family: 'trebuchet ms', geneva, sans-serif;\"><b>Cloud security adoption is increasing, improving effectiveness and efficiency<\/b>\u2014 Eighty-six percent of respondents say utilizing cloud security increased visibility into their networks.<\/span><\/li>\n<\/ul>\n<h3><span style=\"font-family: 'trebuchet ms', geneva, sans-serif; color: #003366;\"><b>Recommendations for CISOs :<\/b><\/span><\/h3>\n<ul>\n<li><span style=\"font-family: 'trebuchet ms', geneva, sans-serif;\">Employ a layered defense, which should include MFA, network segmentation, and endpoint protection.<\/span><\/li>\n<li><span style=\"font-family: 'trebuchet ms', geneva, sans-serif;\">Gain the highest levels of visibility to bolster data governance, lower risk, and increase compliance.<\/span><\/li>\n<li><span style=\"font-family: 'trebuchet ms', geneva, sans-serif;\">Focus on cyber hygiene: shore up defenses, update and patch devices, and conduct drills and training.<\/span><\/li>\n<li><span style=\"font-family: 'trebuchet ms', geneva, sans-serif;\">Implement a zero-trust framework to build security maturity.<\/span><\/li>\n<li><span style=\"font-family: 'trebuchet ms', geneva, sans-serif;\">To reduce complexity and alert overload, adopt an integrated platform approach when managing multiple security solutions.<\/span><\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>Executive leadership still considers security a high priority along with other indicators such as clarification of roles, establishing clear metrics, and cyber risk assessments. Report shows increased challenges when managing and securing multi-vendor environments, cloud infrastructure, mobile devices, and unpatched vulnerabilities. 86 percent of security professionals say utilizing cloud security has increased visibility into their [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":13177,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[10,9231],"tags":[12015,12016,11873],"class_list":{"0":"post-20362","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-cyber-security","8":"category-top-stories","9":"tag-cisco-ciso-benchmark-report-2020","10":"tag-cloud-security-and-automation-technologies","11":"tag-rsa-conference-2020"},"_links":{"self":[{"href":"https:\/\/www.technologyforyou.org\/wp-json\/wp\/v2\/posts\/20362","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.technologyforyou.org\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.technologyforyou.org\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.technologyforyou.org\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.technologyforyou.org\/wp-json\/wp\/v2\/comments?post=20362"}],"version-history":[{"count":0,"href":"https:\/\/www.technologyforyou.org\/wp-json\/wp\/v2\/posts\/20362\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.technologyforyou.org\/wp-json\/wp\/v2\/media\/13177"}],"wp:attachment":[{"href":"https:\/\/www.technologyforyou.org\/wp-json\/wp\/v2\/media?parent=20362"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.technologyforyou.org\/wp-json\/wp\/v2\/categories?post=20362"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.technologyforyou.org\/wp-json\/wp\/v2\/tags?post=20362"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}