Cyber-threat intelligence is analyzed information about cyber-threats that helps inform cybersecurity decision making. Although security professionals recognize the value of cyber-threat intelligence, many organizations still consume it on a superficial basis.
Learn more about these trends with the infographic, Cyber-threat Intelligence Programs.
Organizations are distributing applications across private data centers, multiple public clouds, and edge locations. Plus, hybrid work initiatives are enabling employees to work from home or other locations outside of traditional office settings. As a result, the network has become critical to ensuring secure connectivity. These modern, distributed networks create greater challenges for organizations as they can create blind spots and become operationally complex to effectively manage. In addition, organizations are exploring the use of new technologies that drive visibility, efficiency, and automation.
To better understand how organizations are addressing end-to-end network visibility and management as well as adopting new technologies to drive greater operational efficiencies, Enterprise Strategy Group surveyed 339 IT and networking professionals responsible for network operations, architecture, and management at organizations in North America (US and Canada).
This study sought to answer the following questions:
Survey participants represented a wide range of industries including manufacturing, technology, financial services, and retail/wholesale. For more details, please see the Research Methodology and Respondent Demographics sections of this report.
Examine the impact of the public cloud on data security priorities.
Determine the degree of separate versus unified approaches for cloud and on-premises data sets.
Gain insight into top data security challenges and rate data loss from the cloud.
Establish data security spending intentions and priorities.
Identify challenges, strategies, and trends in endpoint management and security.
Determine if and how endpoint management and security functions and systems are converging.
Highlight opportunities for improving endpoint management and security fueled by functional convergence.
Gain insights into the challenges security teams face with the current threat detection and response landscape.
Gauge the key capabilities organizations require from NDR tools and the use cases they are seeking to address.
Examine how NDR tools are used today and where they fit into broader XDR plans and strategies.
Understand why security teams are prioritizing NDR and the benefits they are seeing.
Taking inspiration from the words of Helen Keller, “Alone we can do so little; together we can do so much,” the theme for RSA Conference 2023 is “Stronger Together.”
Ascertain key cloud adoption trends that drive the need for CSPM and CIEM solutions.
Determine the top challenges organizations face in managing cloud security posture and infrastructure entitlements.
Validate top requirements for CSPM and CIEM solutions.
Highlight key roles involved in evaluating and purchasing solutions. (more…)
The potential for serious business disruptions makes detecting threats quickly and accurately critical to preventing data loss, compliance violations, and lost revenue. Even as resources and users leave the traditional perimeter, the network should play a key role in detecting threats to avoid business disruption. Specifically, network-based tools provide consistent, comprehensive visibility across distributed, heterogeneous environments and remain outside the scope of attacker manipulation. Yet the number of threat detection and response tools that are available can leave users unsure of where to prioritize.
In order to gain insight into these trends, Enterprise Strategy Group surveyed 376 IT, cybersecurity, and networking professionals responsible for evaluating, purchasing, and managing network security products and services for their organizations.
This study sought to answer the following questions:
The use of managed detection and response services has become a mainstream strategy in modern security programs. But IT organizations shouldn’t be fooled by the name: MDR providers are delivering much more than basic detection and response, helping IT and security leaders accelerate program development and improve security posture. With no end in sight for the cybersecurity skills shortage, MDR services can bring immediate expert resources online, together with proven, best-of-breed processes and tools that can help security teams gain control and set themselves up for future security program success.
In order to understand these trends, as well as assess the general state of managed detection and response service offerings, Enterprise Strategy Group surveyed 373 cybersecurity professionals personally involved with cybersecurity technology, including products, services, and processes.
Web applications are critical resources for companies conducting business with their clients. These companies can’t afford to have these applications unavailable or compromised due to a cyber-attack. As a result, most organizations have made web application security one of their top cybersecurity priorities, and in many cases, the top priority. In doing so, companies are transitioning away from dedicated security tools that are proving to be inadequate in preventing attacks on multiple fronts. Integrated web application and API security protection (WAAP) platforms are fast becoming an attractive option for organizations.
Business applications are the lifeblood of enterprises. Protecting them from various forms of attacks are first and foremost on the minds of security teams. Dedicated application security tools designed to prevent specific types of attacks are proving inadequate and contributing to tool sprawl. As a result, the security market is moving toward integrated web application and API protection (WAAP) platforms that combine four critical types of protection: WAF, DDoS mitigation, bot management, and API security.
In the face of an increasingly complex threat landscape and acute shortage of cybersecurity professionals, security teams spend a large portion of their time on emergency issues instead of on continuous improvement of security strategy. Organizations are taking steps to bolster operations with the use of advanced analytics, a wider application of the MITRE ATT&CK framework, and increased utilization of managed security services. Security professionals also report that their organizations still need more investment in personnel, technology, and services. The upshot: Security spending will continue to increase in 2023, regardless of economic pressures.