When it comes to securing premises, most organizations prioritize prevention over detection, investigation and response, according to a new report. However, as a result, data breaches or other attacks are affecting numerous organizations, and the incidents are only getting worse.
Exabeam researchers surveyed 500 IT security professionals and found that around two-thirds of respondents (65%) ranked prevention as their top priority endpoint security (opens in new tab) Goal.
For a third (33%), detection was the top priority.
Late to the party
To make matters worse, companies are actually acting on this thinking. Almost three quarters (71%) spend between 21% and 50% of their IT security budget on prevention, while 59% invest the same amount as on detection, investigation and response.
The problem with this approach, according to Exabeam’s Chief Security Strategist Steve Moore, is that since the crooks are already inside the walls, companies are focusing on prevention, rendering their efforts in vain.
“As is well known, the real question is not whether attackers are in the network, but how many there are, how long they have had access and how far they have penetrated,” says Moore. “Teams need to socialize this question and treat it as an unwritten expectation to realign and respond to their investments, with the necessary focus on opposing alignment and incident response. Prevention has failed.”
When asked if they are confident they can prevent attacks, most respondents responded positively. In fact, 97% said they feel confident in their tools and processes to prevent and identify intrusion attempts and data breaches.
When asked if they would be happy to tell their boss that their networks were not hacked at this time, only 62% answered yes, meaning more than a third had doubts.
In other words, according to Exabeam, security teams are cocky and have data to back it up. Citing industry reports, the company claims that 83% of businesses have experienced more than one data breach in the past year.
