Cisco has published its 2021 Security Outcomes Study, offering actionable insights for practitioners deciding where to focus their efforts in the year ahead.
The independently analysed survey of 4,800 security, IT and privacy professionals across 25 countries including 1,600 respondents from the Europe, Middle East, Africa and Russia (EMEAR), pulling back the curtain on specific practices which foster greater security management in the region. The results offer security teams a blueprint for success regarding managed threat intelligence, while also enabling the business and operating efficiently.
The survey revealed that change is a primary factor in cybersecurity success. On average, programs in EMEAR that include a well-integrated technology stack are 14.3% more likely to succeed. Globally, Cisco’s study has found that the proper integration of technology also influences the recruitment and retention of talent, as security teams want to work with the best technology and avoid burnout.
Security integration is also the most significant factor in establishing a culture that the entire organisation embraces. Instead of traditional security training programs, which did not correlate with positive culture, Cisco recommends investing in technology that is flexible and frictionless.
Other key findings from the report at an EMEAR level include:
- A 13.7% higher chance of succeeding when implementing a best-of-breed technology refresh. Unfortunately, not all organisations have the budget or expertise to make this happen, also known as the “Security Bottom Line”. A digital transformation strategy to migrate to cloud and SaaS security services can help close this gap. Subscription-based solutions are affordable, easy to deploy and integrate, while automatic updates ensure the technology is continually modernised without additional cost or effort.
- Prompt disaster recovery planning is also identified as a factor contributing towards success. Security teams in the region have an 8.3% greater probability of success if they invest in the right tools which automate processes, help detect threats and stop them before sensitive data and assets are compromised.
- As a standalone practice, simply knowing about potential cyber risks appears to correlate far less with overall accomplishments.This may seem surprising, but points to the importance of a comprehensive threat intelligence and incident management program, with the ability to both mitigate and remediate. In fact, practices such as timely incident response and advanced threat detection correlate much more strongly with overall security success.
“Security practitioners across EMEAR need to make fast, informed decisions – especially in today’s increasingly digital workplaces. Yet they are often armed with dozens of tools from multiple vendors, requiring short-term fixes and workarounds to get them working together. This creates complexity, cost, and unexpected overheads,” said Fady Younes, Cybersecurity Director, Middle East and Africa, Cisco.
“Cisco’s 2021 Security Outcomes Study helps teams prioritise practices that not only secure the business, but also play a significant role in enabling its growth and success by leveraging the power of digitisation and automation. Even in the face of an ever-changing threat landscape and shrinking budgets, successful security management outcomes are possible.”
