The annual State of Threat Detection and Response Report from Fidelis Cybersecurity finds that 57% of organisations are heavily impacted by lack of automation, 53% by lack of visibility.
Organisations rely on their incoming Cyber Threat Intelligence (CTI) to be aware of and mitigate threats. Elemendar’s AI ‘reads’ this human-created, unstructured data (typically from PDFs, Word docs or Web pages) and extracts threat information from it (e.g. indicators, threat actors and TTPs). The extracted threat information is output as machine-readable, actionable data (STIX 2), which can be injected into your SIEM or visualised in your TIP.
This frees up time for more valuable work, increases your protection against threats and makes use of all of your CTI.
Extracts from the report:
Cybersecurity professionals are struggling to keep up with growing cyber terrains – fueled by IoT and the cloud – and their own proliferating tech stack and point solutions. Fidelis Cybersecurity found that organizations still do not have necessary levels of automation or visibility within their cyber terrain, especially as security stacks grow and are underutilized. Without automation to gather data and give context to security incidents, or visibility to root out threats hiding in the network, organizations’ overall levels of risk increase while their confidence suffers.
Of the 300 respondents – CISOs, CIOs, CTOs, architects, engineers, and analysts across the finance, healthcare, public sector and federal industries – 57.43 percent shared that a lack of automation was a pressing concern for their organization, making it the top priority. This was closely followed by a lack of visibility, which had a pressing impact on 53.39 percent of organizations. The result? Major security gaps and underutilized stacks.
The report also revealed the following:
- Confidence in security defenses has a ripple effect – Nearly half of respondents (49.02%) don’t have visibility of their entire cyber terrain and over half (55.03%) don’t have control over blind spots, which lowers their confidence in their organization’s ability to identify insider threats.
- Majority of organizations admit they are not using their stack to its full potential – Only 6.54% of all organizations surveyed believe they are using their full security stack to its full capability. The good news is that most organizations realize that this is a problem, with 78% of respondents replying that they have, or are planning to, consolidate their security stack.
- Threat intelligence and threat hunting remain an imperative – Over half of those surveyed do not engage in threat hunting, with top reasons being a lack of time (49.11%) or a skills gap (41.42%), but 70% believe it’s necessary in today’s cyber landscape.