Security professionals are leaning more toward vendor consolidation, collaboration between networking and security teams, and security awareness exercises to strengthen their organizations’ security and reduce the risk of breaches.

That’s according to Cisco’s fifth annual 2019 Chief Information Security Officer (CISO) Benchmark Study. It surveyed more than 3,200 CISOs and other security decision-makers from 18 countries globally.

Ben Munroe, director of Cisco Security, tells us many key findings of the study support MSSPs and those partners looking to help end users by assuming more security responsibility for them. The findings validate the MSSP business model, he said.

Cisco’s Ben Munroe

“For example, end users are overwhelmed with alert management, remediating only [approximately 51] percent of legitimate alerts (down from 55 percent last year) and this shows that there could be the need to offload more to a managed provider,” he said. “This is especially true when you consider that 79 percent of customers told us that they were overwhelmed trying to orchestrate a response from their multivendor environment, up from 74 percent last year. They have built complex, best-of-breed security architectures that don’t share context, event, policy and threat data, and they need help making sense of the capabilities they have purchased in the past, in light of the current threat landscape.”

Second, customers are trying to move toward measuring time to remediate (48 percent versus 30 percent percent last year) and this can require a modern security operations center (SOC) with sophisticated detection, containment and remediation tools and processes, Munroe said.

“Finally, there is a need to help CISOs report on security effectiveness and business value,” he said. “Ninety-eight percent of respondents operate with clearly understood executive measurements, and so being able to demonstrate the incremental value of security, to the board, in a way that balances the investment in control with an assumption of risk and additional measures like cyber insurance will help CISOs build investment cases and demonstrate value. These are all key areas in which an MSSP could support their customer base to solve problems highlighted by our 2019 CISO Benchmark Study.”

Many CISOs are increasingly confident that migrating to the cloud will improve protection efforts, while apparently decreasing reliance on less proven technologies such as artificial intelligence (AI), according to the study.

Complex security environments made up of solutions from 10 or more security vendors could be hampering security professionals’ visibility across their environments, according to the report. Some 65 percent of respondents have difficulty determining the scope of a compromise, containing it and remediating from exploits. The unknown threats that exist outside the enterprise in the form of users, data, devices and apps also is a top concern for CISOs.

“The trend away from point products continues,” Munroe said. “In 2018, 54 percent of respondents cited 10 or fewer vendors in their environment; in 2019, this has risen to 63 percent. This is one of the bigger jumps in the report year-on-year — more respondents with fewer vendors.”

To help address challenges and better protect their organizations, of those surveyed:

Survey respondents also noted the continued high financial impact of breaches. Some 45 percent said the financial impact of a breach to their organization was more than $500,000; however, more than 50 percent are driving breach costs below $500,000.

But there remains a stubborn 8 percent claiming a cost of more than …

… $5 million per incident for their most significant breach of the past year.

The most collaborative teams lose the least money. Elimination of silos shows a tangible financial upside as 95 percent said their networking and security teams were very or extremely collaborative. Fifty-nine percent of those who stated that their networking and security teams were very/extremely collaborative also stated that the financial impact from their most serious breach was under $100,000 — the lowest category of breach cost in the survey.

Cyber fatigue, defined as virtually giving up on staying ahead of malicious threats and bad actors, is down from 46 percent in 2018 to 30 percent in 2019.

But the fight is far from over. The following findings show CISO challenges and opportunities for improvement. AI and machine learning (ML), used right, are essential to the initial stages of alert prioritization and management; however, reliance on these technologies has decreased as respondents possibly perceive the tools to be still in their infancy or not ready for prime time.

Employees/users continue to be one of the greatest protection challenges for many CISOs and having an organizational process that starts with security awareness training on day one is essential. Only 51 percent rate themselves as doing an excellent job of managing employee security via comprehensive on-boarding and processes for transfers and departures. Email security remains the No. 1 threat vector.