The current Arctic Wolf Security Trends Report 2022 shows: A shortage of skilled workers, latent threats and tight budgets prevent companies from adequately protecting themselves. 8 out of 10 companies see vulnerabilities and misconfigurations as the biggest security problems in their IT infrastructure.
As a leader in security operations, Arctic Wolf publishes its Security Trends Report 2022. The report is based on the results of a recent global survey of more than 300 IT and security managers conducted by Arctic Wolf and evaluations of the company's cloud-based Security Operations Platform.
Report reveals security concerns among companies
The State of Cybersecurity: 2022 Trends report provides new insights and insights into the current and future state of cybersecurity teams and their challenges in developing security programs and dealing with the ever-evolving threat landscape. The results show that a variety of ongoing security challenges will continue to make it difficult for companies to adequately protect their business in 2022.
IT security concerns: security gaps and misconfigurations
Cyber threats such as ransomware, phishing and IT vulnerabilities make the headlines almost every day and concern security experts worldwide:
- 81% of organizations ranked vulnerabilities and unknown misconfigurations as the top security issues within their infrastructures
- According to those surveyed, the greatest threats come from ransomware attacks (70%) and phishing (64%).
- 70% of Arctic Wolf's new customers surveyed identified latent threats at the start of the collaboration
- 50% of organizations say their 2022 security budget is insufficient to meet their security goals
- 30% of companies with cyber insurance say the cost of their policy has increased or their insurance has been canceled in 2021. 35% currently have no form of cyber insurance.
The ongoing threat of attackers, who in most cases have far more resources, is an enormous challenge for companies. Shifting security strategies toward operationalizing resources, optimizing talent, and building defenses is a valid option to deter attackers and mitigate risk.
"Despite all the security efforts of companies, it remains an unequal game: Attackers only need a gap in the defense, but companies have to continuously secure the entire - often very heterogeneous - IT stack of the company. Many companies cannot do this without professional help," says Dr. Sebastian Schmerl, Director Security Services EMEA at Arctic Wolf.
Increased cyber risk due to growing shortage of skilled workers
Finding, training and retaining qualified IT security specialists has long been a major challenge for companies. In 2021, too, many IT and security managers faced significant hurdles when recruiting new team members.
- 84% of companies surveyed said they were unable to meet their targets for recruiting new IT security professionals
- 76% said the biggest hurdles to achieving their IT security goals are hiring new professionals or a lack of expertise among existing employees
- 44% of the companies surveyed have no employees who are full-time or primarily responsible for cyber security
“Speed in detecting attacks and taking appropriate countermeasures is gold in the fight against cyber attacks. Without the right combination of technology, processes and people, even the most advanced organizations struggle to establish holistic cyber protection,” explains Dr. Sebastian Schmerl. “With its cloud-native security platform, Arctic Wolf enables companies to set up security operations with the push of a button, ensuring rapid detection and response to attacks. In addition, dedicated teams of experts support companies in developing a strategic security strategy to build long-term cyber resilience.”
Cloud security can't keep up with cloud adoption
99% of companies now use public or private clouds. However, rapid cloud adoption in many cases exceeds companies' in-house capabilities to secure these new cloud environments, even when using shared responsibility models.
- Almost half of all security incidents analyzed by Arctic Wolf (47%) involve at least one cloud component
- Only 19% of the companies surveyed use Cloud Security Posture Management (CSPM) as a means of securing their cloud resources
- Only 22% of organizations that do not have CSPSM capabilities in place have plans to add them to their security program in the future
“For many companies, cloud applications are new solutions that often break with the previously typical on-prem paradigms for IT security. The keyword here is the dissolving security perimeter in the network. Furthermore, cloud solutions - SaaS, IaaS, PaaS - are operated differently and are based on different - not necessarily better or worse - security concepts," explains Dr. Sebastian Schmerl, Director Security Services EMEA at Arctic Wolf. “Without experience and good training, unsafe configurations or uses are inevitable. Continuous monitoring of cloud solutions and appropriate security advice, such as that provided by Arctic Wolf’s security concierge teams, can provide a targeted remedy here.”
More at ArcticWolf.com
About Arctic Wolf Arctic Wolf is a global leader in security operations, providing the first cloud-native security operations platform to mitigate cyber risk. Based on threat telemetry spanning endpoint, network and cloud sources, the Arctic Wolf® Security Operations Cloud analyzes more than 1,6 trillion security events per week worldwide. It provides company-critical insights into almost all security use cases and optimizes customers' heterogeneous security solutions. The Arctic Wolf platform is used by more than 2.000 customers worldwide. It provides automated threat detection and response, enabling organizations of all sizes to set up world-class security operations at the push of a button.