Cyber industry reaches inflection point for proactive security
September 2018 by 451 Research
The cyber-security market has reached an infection point whereby organisations need to shift their strategies and have a new, proactive approach to their cyber security, according to a report by 451 Research.
Panaseer, a cyber-security software company that enables organisations to become ‘Cyber Security Risk’ Intelligent, commissioned the analysis to get insight into industry opportunity for proactive security – as well as the key hurdles that organizations need to overcome to successfully shift their strategies. These were identified as:
1. A profusion of tools and data that complicates – and too often, frustrates – an effective strategy;
2. An over-reliance on people to resolve security issues, and the unsustainable business model it represents;
3. A “one size fits all” mentality that leads to tools and processes insufficiently flexible to serve real-world people and processes – and too often leaves security poorly aligned with business realties;
4. Lopsided investments in reactive measures that too often result from these failures.
The report identified that opting to ‘monitor and respond’ at the expense of ‘prepare and protect’ is a poor strategy from a security performance and cost standpoint, especially as we reach a point where the cost of containment and response can far exceed the investment in resilience. This is clearly illustrated by the global impact of the 2017 ‘NotPetya’ outbreak, which ranges as high as $10 billion – yet the vulnerabilities exploited in many cases had already been resolved for years in many older operating systems.
Scott Crawford, Research Director, Information Security, 451 Research: “Advances in data gathering, rationalization, analytics and automation have made a proactive strategy more actionable now than ever before. Organizational infrastructures are becoming more complex as billions of smart devices coupled with a growing diversity of technologies demands an approach that can scale. Adversaries, too, recognize how their strategies must adapt. The risks are too great to ignore. The technology is available; the time is now to take action – before organizations become even more overwhelmed with what may face them tomorrow.”
The analysis by 451 Research support the recent industry predictions from Markets and Markets, which outlined that the proactive security market is undergoing tremendous growth. Its report outlined that the market is expected to grow from USD 20.66 billion in 2018 to USD 41.77 billion by 2023, at a Compound Annual Growth Rate (CAGR) of 15.1% during the forecast period.
Nik Whitfield, CEO, Panaseer: “The last decade has seen a huge surge in cyber defense technologies that support a reactive approach. However, we have now reached a point where this just doesn’t work. It is an outdated equation where you will never have enough resources to respond, as reacting costs much more budget – it’s like closing the stable door after the horse has bolted. If you are to stand a genuine chance of combatting threats successfully and addressing the myriad of compliance issues facing all industries, you need a different playbook. With limited budgets and resources, and demands for insight and proof, organisations must move from firefighting to fireproofing and developing a robust, proactive cyber strategy.”