Prevention instead of monitoring - German companies are desperately looking for security experts for their IT departments, but they cannot find them. Companies therefore rely on prevention, which they do not fully trust. This is the result of a survey of 1.000 IT employees.
How do companies meet the current challenges in terms of cyber security and where do they see their deficits? Vectra AI, a leading provider of AI-supported detection and defense against cyber threats for hybrid and multi-cloud companies, surveyed 200 companies with over 1.000 employees in Germany. The evaluation of the study reveals a very mixed and sometimes contradictory mood among German companies.
Great pressure on IT security teams
“The IT security teams in German companies are under immense pressure. The number and severity of attacks have steadily increased over the past few years, and the current geopolitical situation poses even greater challenges. Therefore, most of them are still looking for salvation in the most effective form of prevention, which, however, has been proven to be very often overcome,” reports Andreas Riepen, Head of Central and Eastern Europe at Vectra AI. “In addition to the technological challenges, there is also a need for action in terms of staffing levels. According to their own statements, only a minority of German companies have enough experts.”
Prevention usually still has priority
When faced with the decision between prevention and detection or monitoring (prevention vs. detection), 68% of those surveyed still primarily opt for approaches that focus on defending against intruders. At the same time, 82% admit that the protective walls they have built have been breached by attackers at least once. Almost one in four even states that they have never used a prevention solution that meets expectations.
As a result of the unfulfilled hopes placed in prevention, 42% of companies state that they now invest more in detecting and reacting to attacks than in prevention tools. 31% invest approximately the same amounts and only 28% currently invest more in prevention than in NDR (Network Detection & Response).
90% believe the attack was already successful
The numbers show how high the level of uncertainty is: A full 90% of the companies surveyed consider it possible or even probable that attackers have succeeded in penetrating their networks without being noticed. Only 9% think this is unlikely and only 1% categorically rule it out.
At the same time, 96% believe they have a good understanding of the threat landscape their organization is specifically facing. Only 3% admit to some blind spots and only 1% believe that full visibility of the threat landscape in their own infrastructure is impossible. On the other hand, however, 67% are very confident that they are well protected against modern attacks, and at least 30% see themselves as reasonably well positioned. Only 3% see significant weaknesses in their own cyber defense against modern attack methods.
Lack of experts in many teams
In addition to the technical precautions, the human factor still plays a major role when it comes to cyber security in companies. Less than half of those surveyed stated that they had enough skilled workers at their disposal. At least 28% state that they could use additional employees and 23% speak of an acute shortage of staff.
"The shortage of skilled workers in the field of cyber security not only affects authorities and not companies, but also many companies with more than 1.000 employees, as the study shows. This gap is getting bigger from year to year and realistically this trend cannot be reversed in the foreseeable future," says Andreas Riepen. “Companies must therefore aim to equip their employees with the appropriate technology that enables them to automate and accelerate many tasks. Solutions that rely on machine learning and artificial intelligence to better understand and control what is happening in the infrastructure are a promising approach.”
More at Vectra.ai
About Vectra Vectra is a leading provider of threat detection and response for hybrid and multi-cloud enterprises. The Vectra platform uses AI to quickly detect threats in the public cloud, identity and SaaS applications, and data centers. Only Vectra optimizes AI to recognize attacker methods - the TTPs (Tactics, Techniques and Processes) that underlie all attacks - rather than simply alerting on "different".