Cybersecurity – times are getting tougher: More than half of the companies surveyed (53 percent) expect a significant increase in cyber threats in the future. 43 percent, on the other hand, believe that the current level of cyber attacks will remain constant. This was the result of an interesting survey as part of a Cybersecurity as a Service study by Sophos.
A so-called security operations center (SOC) is a crucial element of a modern, proactive security strategy. It focuses on detecting, analyzing and responding to security incidents in order to minimize the corresponding risks and protect data and business-critical processes in companies in the best possible way.
How companies want to arm themselves
The results of the survey show that the majority of companies have already recognized the advantages of a SOC and have implemented appropriate measures. Almost three out of four companies (73 percent) actively use security operations centers. 41 percent rely on external SOC services from service providers, while 32 percent operate their SOCs internally. At the same time, almost a quarter of companies (24 percent) do not have a SOC and three percent cannot provide any information on this.
Design, sensitize, outsource and insure
In order to further optimize their IT security, almost every second company (49 percent) rates constant employee awareness as essential. Their goal is to educate employees about potential safety risks and corresponding rules of conduct.
49 percent of the companies surveyed also emphasize the importance of a holistic IT security concept.
Such a concept should integrate advanced approaches such as multi-layer security, which provides various defense mechanisms at different levels, and the zero trust principle, which fundamentally trusts no access and always requires verification.
For 42 percent of companies, outsourcing IT security through Cyber Security as a Service is a means of strengthening the security infrastructure.
Other measures mentioned include larger IT budgets (42 percent), the use of additional security solutions (29 percent) and the involvement of external experts (14 percent). Overall, it shows that companies recognize the strategic relevance of a robust security infrastructure and are investing in appropriate solutions and training measures.
In addition, a positive trend can be observed in the area of cyber insurance.
85 percent of companies have already proactively taken out cyber insurance to protect themselves against the financial risks of security incidents. Notably, half of these insured companies (50 percent) were able to negotiate better terms within the last 12 months after strengthening their security measures. However, there remains a minority of 10 percent of those surveyed who have not yet insured themselves against cyber attacks.
70 percent want to outsource cybersecurity in the future
In addition to cyber insurance, companies rely on various strategies to ensure their IT security. Around 70 percent of the IT managers surveyed are of the opinion that the security of their IT systems should be entrusted to external security service providers in the medium to long term. In addition, 60 percent of respondents rely on technology-driven security solutions that are supplemented by behavior-based detection methods and artificial intelligence (AI). This combination enables more precise and proactive threat detection. What is alarming, however, is that 57 percent admit that they only invest in comprehensive security measures after an actual security incident. A reactive security approach, in which measures are only taken after a security incident, can cause long-term damage and jeopardize the company's reputation.
More at Sophos.com
About Sophos More than 100 million users in 150 countries trust Sophos. We offer the best protection against complex IT threats and data loss. Our comprehensive security solutions are easy to deploy, use and manage. They offer the lowest total cost of ownership in the industry. Sophos offers award-winning encryption solutions, security solutions for endpoints, networks, mobile devices, email and the web. In addition, there is support from SophosLabs, our worldwide network of our own analysis centers. The Sophos headquarters are in Boston, USA and Oxford, UK.