Darktrace, a global leader in cyber security artificial intelligence, today announced a new IDC InfoBrief, sponsored by Darktrace, ‘Building the Case for a Virtuous Cycle in Cybersecurity‘*. The research was conducted to identify the key challenges facing cyber security professionals operating in increasingly noisy cyber security environments, and the report outlines recommended solutions to bolster cyber readiness.
IDC conducted a survey of 300 organisations across the US and Europe spanning multiple verticals including financial services, transportation, and healthcare. The data revealed the key challenges facing most of these organisations concern the ability to effectively prioritise and contextualise the large amounts of data organisations get from several cyber security alert systems, as well as identifying the key actions necessary for effective mitigation of threats and vulnerabilities.
Subscribe to our Telegram channel to get a daily dose of business and lifestyle news from NHA – News Hub Asia!
The study’s key findings are:
- Evolving attack vectors make it difficult to prepare proactively, with only 31 per cent of respondents highly confident that their tools can continuously adjust to new configurations.
- There is a lack of dynamic testing capabilities, as 65 per cent of participants agreed that pen testing provides only a snapshot in time which is of limited value, as it quickly becomes out of date.
- While 76 per cent of surveyed professionals thought visualising attack paths were of moderate or high importance, only 29 per cent were highly confident they had a robust mechanism to test their environments against the most current threat vectors.
- The number of organisations that can continuously run preventative exercises such as pen tests and attack surface evaluation is between just 24 per cent and 31 per cent across all sectors.
The IDC InfoBrief calls for the adoption of a ‘virtuous cycle’ model as a way of closing these critical security gaps, incorporating prevention, detection, response, and healing. It calls for “a multipronged approach that includes establishing a security posture and proactively managing the access and assets, monitoring what is happening in the environment, and ensuring a fit-for-purpose remediation approach including backup and disaster recovery.” The study also highlights AI as the solution for improved detection and response capabilities and continuous monitoring, as well as playing an integral part in the ‘virtuous cycle’, citing AI’s ability to look for subtle changes in the behaviours of entities within a network.
“It’s clear from this study that organizations need to adopt a holistic approach to improve their readiness,” commented Christopher Kissel, Research Vice President of IDC’s Security & Trust Products. “The solution is to create a virtuous cycle, leveraging AI to create an ecosystem across an entire organization able to continuously stress-test environments, give an instantaneous response, and determine if remediation is working.”
“Security teams don’t need more data, they need clear prioritisation, and intelligent automation to lighten the load and this report sets that out in concrete terms,” said John Allen, VP of Cyber Risk and Compliance at Darktrace. “Security professionals are overwhelmed with vulnerabilities, and they can’t get to them all in time. At Darktrace we’re committed to delivering an AI Loop that can provide continuous visibility, prioritised into meaningful actions for security teams, and harden weak points. That’s how we’re helping security teams get proactive.”
Darktrace PREVENT™ is the third of four product families in Darktrace’s Cyber AI Loop™ which also includes Darktrace DETECT and RESPOND™. The final part of Darktrace’s Cyber AI Loop, Darktrace HEAL™, will go to market in 2023.
Commenting on the efficacy of PREVENT and its ability to augment an entire security ecosystem, Eric Schmitt, Global Chief Information Security Officer at Sedgwick, said: “Darktrace PREVENT pairs up our inside and outside views and integrates them with Darktrace DETECT and RESPOND, which is a game changer. Our customers are advocating that we need to be continuously testing the efficacy of our security. Darktrace PREVENT does just that.”
*doc #EUR149649622, January 2023
IDC InfoBrief Methodology
In July 2022, IDC surveyed senior security professionals at 300 companies across Europe and the U.S., looking at where security professionals are challenged in implementing preventative security measures and the gaps in their security postures that they are struggling to fill. All organizations surveyed had over 500 employees. Individuals surveyed were predominantly IT directors, IT managers, IT security management specialists, CIOs and CTOs. The full IDC Infobrief can be viewed here.
About Darktrace
Darktrace (DARK.L), a global leader in cyber security artificial intelligence, delivers complete AI-powered solutions in its mission to free the world of cyber disruption. Breakthrough innovations from the Darktrace Cyber AI Research Centre in Cambridge, UK and its R&D centre in The Hague, The Netherlands have resulted in over 125 patent applications filed and significant research published to contribute to the cyber security community. Darktrace’s technology continuously learns and updates its knowledge of ‘you’ for an organization and applies that understanding to achieve an optimal state of cyber security. It is delivering the first-ever Cyber AI Loop, fuelling a continuous end-to-end security capability that can autonomously prevent, detect, and respond to novel, in-progress threats in real-time. Darktrace employs over 2,200 people around the world and protects over 8,100 organizations globally from advanced cyber threats. It was named one of TIME magazine’s ‘Most Influential Companies’ in 2021.
Source: Darktrace