Only a quarter (25 percent) of business leaders across Europe, the Middle East and Africa are confident in their current cybersecurity, according to a new study commissioned by VMware in partnership with Forbes Insights.
Three quarters (76 percent) of business leaders and IT security practitioners believe the security solutions their organisation is working with are outdated, even though 42 percent say they have acquired new security tools over the past year to address potential security issues. More than half of all respondents (54 percent) plan to spend more on detecting and identifying attacks, and close to one third (29 percent) report having 26 or more security products installed across their enterprises.
Despite businesses continuing to invest more in their security, nearly a third (31 percent) of IT security respondents say it takes up to a week to address a cybersecurity issue. In the age of real-time processing, more than one million new Internet users per day (https://datareportal.com/reports/digital-2019-global-digital-overview), and the amount of business conducted per second via apps, this slow response time is of particular concern.
Spending is not the solution
What’s particularly worrying is that businesses appear trapped in a routine of spending their way through the cybersecurity crisis – with 83 percent admitting they plan to increase the purchase or installation of new security products in the next three years.
The research, conducted amongst 650 enterprises across EMEA, sheds light on a concerning trend of slow and inefficient practices to combat the latest cyber threats – even though the economic impact of cybercrime has risen fivefold since 2013, according to European Union data.
This current approach to security has resulted in businesses losing confidence when it comes to their cyber hygiene. Only a quarter (23 percent) express extreme confidence in the security of their cloud implementations and under a fifth (18 percent) are confident in the readiness of their people and talent to address security concerns.
Crossing the chasm
There is a chasm between business leaders and their security teams on how they perceive progress and collaboration around cybersecurity. Only 21 percent of IT teams consider their business leaders (C-suite executives) to be highly collaborative when it comes to cybersecurity. Meanwhile, 27 percent of executives say they are collaborating in a significant way to address cybersecurity issues, versus only 16 percent of IT security practitioners.
Sylvain Cazard, VP SDDC EMEA, VMware, said: “As defined by Einstein, insanity is doing the same thing over and over again and expecting different results. This is what is happening with IT security, where investment in traditional security solutions continues to be dwarfed by the economic repercussions of breaches.
“We now live in a world of greater complexity, with more and more complex interactions, more connected devices and sensors, dispersed workers and the cloud, all of which have created an exponentially larger attack surface. This has changed the rules. Modern-day security requires an investment shift away from trying to prevent breaches at all costs and towards building intrinsic security into everything – the application, the network, essentially everything that connects and carries data. Breaches are inevitable but how fast and how effectively you can mitigate that threat is what matters.”
Cazard continues, “Encouraging a culture of security awareness and collaboration across all departments and teams is also an imperative. Business executives and security and IT operations have to be speaking the same language and recognise what’s at stake. Investing in the right people to drive cyber best-practice forward will see EMEA enterprises stay one step ahead in the world of sophisticated cybercrime.”