In a recent report by Coro, cybersecurity preparedness among security leaders was thoroughly examined. The survey revealed significant challenges faced by SME security professionals, with 73% acknowledging instances where they missed, ignored, or failed to act upon critical security alerts.
The primary reasons cited were understaffing and time constraints.
Key findings from the report include:
- 35% of respondents admitted to having missed a security alert at work.
- 31% adjusted the sensitivity settings on a security tool to reduce alerts.
- 26% silenced or muted a security alert altogether.
- 25% failed to take action on a high-priority alert, while 22% completely ignored a security alert.
Respondents highlighted the most time-consuming aspects of their daily responsibilities, which include:
- Monitoring security platforms.
- Managing and updating endpoint devices and agents.
- Conducting vulnerability management and patching.
- Installing, configuring, and integrating new security tools.
The report indicates that security professionals spend an average of four hours and 43 minutes daily managing cybersecurity tools, utilizing an average of 11.55 tools in their security arsenal. Monitoring security platforms was identified by 52% of respondents as the most time-intensive task, followed closely by vulnerability patching.
Respondents estimated that it takes approximately 4.22 months for a new cybersecurity tool to become fully operational. This timeline includes activities such as installation, configuration, staff training, and integration with existing security systems. On average, respondents oversee 2029.91 endpoint security agents across 655.92 endpoint devices. A significant 53% of respondents reported dealing with vendor updates for these endpoint agents on a daily or weekly basis.
Looking ahead, 85% of respondents expressed a desire to consolidate their cybersecurity tools within the next 12 months. The primary motivation cited for consolidation is enhancing overall security posture.
Overall, the report underscores the operational challenges faced by SME security teams, highlighting the critical need for efficiency improvements and tool consolidation to strengthen cybersecurity defenses effectively.
Source: securitymagazine.com
