The HPE-sponsored Ponemon Institute 2020 Global Study on Closing the IT Security Gaps focuses on identifying and dealing with cyber threats. Learn more about the best practices that distinguish high-performing security teams.
We’ve just released the HPE-sponsored Ponemon Institute 2020 Global Study on Closing the IT Security Gaps, focused on identifying and managing gaps in dealing with cyber threats, especially as organizations adopt edge-to-cloud architectures. We included enough continuity questions to spot any changes in approach or trends since undertaking the 2019 Global Study, and this year Dr. Larry Ponemon and his crack team were also able to identify some best practices that distinguish high performing security teams.
By correlating leading edge techniques such as AI, automation, Zero Trust, and the use of cyber insurance with the level of confidence in their ability to protect the organization, a clear pattern emerged. Compared to the sample group, high-performing teams used innovative techniques much more frequently and aggressively. They clearly understand their value in terms of dealing with major IT initiatives such as digital transformation, work from home, and IoT.
How top performers who are closing their organization’s IT security gaps
While AI and automation are not new concepts, the data shows that there is still a reluctance to leverage them. High performers are much more likely to have implemented machine learning in dealing with threats. As a result, they also realize the benefits of automation to eliminate false positives, increase the efficiencies of investigations, and importantly see attacks before they do damage.
When it comes to Zero Trust, we had expected to see some ambiguity around its adoption given the variety of frameworks that exist and the admitted hype around the concept. While the basic principles of identity-based Zero Trust are still in early stages, we did find that high performing teams were implementing at least some of the Zero Trust framework at twice the rate of the sample. What’s more, almost 50% of all respondents are counting on their current infrastructure suppliers to help them implement the security needed for the accelerating shift to aggregating and processing data at the intelligent edge. They clearly recognize that Zero Trust must be built into network, compute, and storage resources, not bolted on.
We added some questions about cybersecurity insurance since that industry has become highly active in helping organizations identify security products that reduce risk. If fact, Marsh has led a consortium of eight global cyber insurers to evaluate and designate vendors and product that meet their stringent risk reduction criteria. Called Cyber Catalyst by Marsh(SM) the program launched in September 2019. With the HPE Silicon Root of Trust for HPE servers and the Aruba Policy Enforcement Firewall, ours were among the first of a total seventeen products to become Cyber Catalyst designated.
Given this initiative, we weren’t surprised to see that practically every high performing security team said they utilized cyber insurance, which exceeded the rest of the sample by almost 50%. Moreover, these teams worked more closely with their corporate risk management counterparts to ensure that their product selections match corporate priorities and utilized the input from programs like Cyber Catalyst to guide their choices.
Summary
Not surprisingly, great security teams are partners with the business on key initiatives. By a wide margin, they see security playing a critical part in establishing and assuring privacy and an important factor in successful business priorities such as digital transformation and IoT. But as the survey shows, it’s not enough to know that security is important and to recognize its challenges. High-performing teams also innovate across processes, technology, and risk management to better protect an integrated edge-to-cloud environment.
The Ponemon Institute 2020 Global Study on Closing the IT Security Gaps contains a wealth of insights for security professionals. Register to access the full survey and report.
View the infographic: What's threatening IT security and what are people doing about it?
Featured articles:
- How to prepare for and mitigate DDoS attacks via HPE's Enterprise.nxt
- Want to know the future of technology? Sign up for weekly insights and resources
Larry Lunetta
Hewlett Packard Enterprise
twitter.com/twitter.com/arubanetworks
linkedin.com/company/aruba-a-hewlett-packard-enterprise-company/
hpe.com/networking
Larry_Lunetta
Larry Lunetta is a Silicon Valley veteran experienced in a wide range of executive management positions for both public and private companies. Currently he is responsible for the overall marketing strategy and execution for the Aruba solutions portfolio comprising wired, wireless, WAN, cloud, security, AI, 5G, and location services.
