Threat situation requires cybersecurity outsourcing

Share post

Cybersecurity – times are getting tougher: More than half of the companies surveyed (53 percent) expect a significant increase in cyber threats in the future. 43 percent, on the other hand, believe that the current level of cyber attacks will remain constant. This was the result of an interesting survey as part of a Cybersecurity as a Service study by Sophos.

A so-called security operations center (SOC) is a crucial element of a modern, proactive security strategy. It focuses on detecting, analyzing and responding to security incidents in order to minimize the corresponding risks and protect data and business-critical processes in companies in the best possible way.

How companies want to arm themselves

🔎 Most companies expect the IT security situation to tighten (Image: Sophos).

The results of the survey show that the majority of companies have already recognized the advantages of a SOC and have implemented appropriate measures. Almost three out of four companies (73 percent) actively use security operations centers. 41 percent rely on external SOC services from service providers, while 32 percent operate their SOCs internally. At the same time, almost a quarter of companies (24 percent) do not have a SOC and three percent cannot provide any information on this.

Design, sensitize, outsource and insure

In order to further optimize their IT security, almost every second company (49 percent) rates constant employee awareness as essential. Their goal is to educate employees about potential safety risks and corresponding rules of conduct.

49 percent of the companies surveyed also emphasize the importance of a holistic IT security concept.

Such a concept should integrate advanced approaches such as multi-layer security, which provides various defense mechanisms at different levels, and the zero trust principle, which fundamentally trusts no access and always requires verification.

For 42 percent of companies, outsourcing IT security through Cyber ​​Security as a Service is a means of strengthening the security infrastructure.

🔎 Optimal IT security? Many companies want a holistic security concept (Image: Sophos).

Other measures mentioned include larger IT budgets (42 percent), the use of additional security solutions (29 percent) and the involvement of external experts (14 percent). Overall, it shows that companies recognize the strategic relevance of a robust security infrastructure and are investing in appropriate solutions and training measures.

In addition, a positive trend can be observed in the area of ​​cyber insurance.

85 percent of companies have already proactively taken out cyber insurance to protect themselves against the financial risks of security incidents. Notably, half of these insured companies (50 percent) were able to negotiate better terms within the last 12 months after strengthening their security measures. However, there remains a minority of 10 percent of those surveyed who have not yet insured themselves against cyber attacks.

70 percent want to outsource cybersecurity in the future

In addition to cyber insurance, companies rely on various strategies to ensure their IT security. Around 70 percent of the IT managers surveyed are of the opinion that the security of their IT systems should be entrusted to external security service providers in the medium to long term. In addition, 60 percent of respondents rely on technology-driven security solutions that are supplemented by behavior-based detection methods and artificial intelligence (AI). This combination enables more precise and proactive threat detection. What is alarming, however, is that 57 percent admit that they only invest in comprehensive security measures after an actual security incident. A reactive security approach, in which measures are only taken after a security incident, can cause long-term damage and jeopardize the company's reputation.

More at Sophos.com

 


About Sophos

More than 100 million users in 150 countries trust Sophos. We offer the best protection against complex IT threats and data loss. Our comprehensive security solutions are easy to deploy, use and manage. They offer the lowest total cost of ownership in the industry. Sophos offers award-winning encryption solutions, security solutions for endpoints, networks, mobile devices, email and the web. In addition, there is support from SophosLabs, our worldwide network of our own analysis centers. The Sophos headquarters are in Boston, USA and Oxford, UK.


 

Matching articles on the topic

NIS2 and the security obligation: email encryption

Although email encryption is not explicitly mentioned as a separate topic in the NIS2 Directive, it falls under the general requirements for ➡ Read more

Three quarters of ransomware victims pay ransom

An international survey of 900 IT and security managers shows that 83 percent of companies were the target of ransomware attacks last year ➡ Read more

Ransomware: Above-average number of attacks in the education sector

The number of compromised backups and data encryption rates due to ransomware in the education sector have increased compared to the previous year. The recovery costs after ➡ Read more

NIS2 Directive: Communicating implementation with managers

A free white paper helps CISOs speak the language of executives to advance the implementation of the NIS2 directive in the company ➡ Read more

NIS2 will soon come into force – 5 tips to prepare

The EU Directive NIS2 is due to come into force in Germany in October. It requires many companies to take greater cyber security precautions. ➡ Read more

Global danger: vulnerabilities in photovoltaic platform

As the experts at Bitdefender Labs have discovered, power outages are possible due to attacks on photovoltaic inverters and management platforms. A vulnerability was only discovered in ➡ Read more

30 percent more ransomware attacks in Germany

In this year’s State of Ransomware report “ThreatDown 2024 State of Ransomware”, Malwarebytes shows an alarming increase in ransomware attacks in the past ➡ Read more

SSTI attacks are increasing significantly

SSTI poses a critical threat to web applications. Attackers can use it to execute arbitrary code and take over entire systems. ➡ Read more