Inability to prevent bad things from happening seen as the worst part of a security job

83% of organizations experienced more than one data breach in 2022. However, 97% of respondents feel confident that they are well-equipped with the tools and processes needed to prevent and identify intrusions or breaches, according to Exabeam.

“The findings indicate a sizable disconnect between market promises and team perceptions. As a result, teams lack the holistic visibility and context to zero in on adversary behaviour to identify the causes of major incidents and breaches. As a result, large-scale data breaches and multi-million-dollar remediation efforts are taking a toll on organizations’ brands, customer retention, and act as a distraction to business momentum and budgets,” said Steve Moore, Chief Security Strategist at Exabeam.

The current state of SIEM at U.S. organizations

46% of all respondents operate more than one cloud or on-premises SIEM platform. Among those with SIEM tools:

64% of those who have one platform are very confident they can detect cyberattacks based on adversary behaviour alone, while 59% of those with two or more platforms are very confident. In addition, 4% of U.S. security professionals report not using a SIEM platform, and of those respondents, 81% were confident.

However, just 17% of all respondents can see 81–100% of their network. Since many analysts lack full visibility, the likelihood that adversaries are lurking in dark corners grows ever greater.

Prevention a higher priority than threat detection, investigation, and response (TDIR)

One reason security teams struggle to prevent breaches is that adversaries are often already in the
