Inability to prevent bad things from happening seen as the worst part of a security job

83% of organizations experienced more than one data breach in 2022. However, 97% of respondents feel confident that they are well-equipped with the tools and processes needed to prevent and identify intrusions or breaches, according to Exabeam.

“The findings indicate a sizable disconnect between market promises and team perceptions. As a result, teams lack the holistic visibility and context to zero in on adversary behaviour to identify the causes of major incidents and breaches. As a result, large-scale data breaches and multi-million-dollar remediation efforts are taking a toll on organizations’ brands, customer retention, and act as a distraction to business momentum and budgets,” said Steve Moore, Chief Security Strategist at Exabeam.

The current state of SIEM at U.S. organizations

46% of all respondents operate more than one cloud or on-premises SIEM platform. Among those with SIEM tools:

64% of those who have one platform are very confident they can detect cyberattacks based on adversary behaviour alone, while 59% of those with two or more platforms are very confident. In addition, 4% of U.S. security professionals report not using a SIEM platform, and of those respondents, 81% were confident.

However, just 17% of all respondents can see 81–100% of their network. Since many analysts lack full visibility, the likelihood that adversaries are lurking in dark corners grows ever greater.

Prevention a higher priority than threat detection, investigation, and response (TDIR)

One reason security teams struggle to prevent breaches is that adversaries are often already in the

Read more

Explore the site

More from the blog

Latest News