A Blog by Jonathan Low

 

Mar 14, 2022

Why Cybersecurity Pros Need 100 Days To Develop Threat Defenses

Servers, websites, apps and databases are the most likely targets of cyber attacks. But even knowing that, it can take organizations almost three months to create a successful defense. 

The Russian attack on Ukraine has heightened corporate and governmental attention to cybersecurity. JL 

Venture Beat reports:

A recent analysis of 35,000 cybersecurity team members inside 400 large organizations found it takes 96 days on average to develop the knowledge, skills and judgment to defend against breaking threats. The increase in sophisticated threats is forcing organizations to ramp-up skills faster and more efficiently. Development of knowledge, skills and judgment was faster against high-profile threat groups (including) Solarwinds, Iran, Fin 7, Hafnium and Darkside. Technology and financial services companies prepare the most for cyberattacks. National infrastructure organizations prepare the least.

A recent analysis by Immersive Labs of 35,000 cybersecurity team members inside 400 large organizations found that it takes over three months (96 days) on average to develop the knowledge, skills and judgment to defend against breaking threats. One particular breaking threat took, on average, more than six months (204 days) to master, causing concerns for organizations that are forced into swift action.

On the flip side, four of the top five fastest-developed skills in 2021 revolved around the Log4j vulnerability. The increase in sophisticated threats is forcing organizations to find ways to ramp-up skills faster and more efficiently; however, unfortunately, a large gap still exists. Development of knowledge, skills and judgment was also faster against high-profile threat groups. The top five of interest are UNC2452 (Solarwinds), Iranian Threat Groups, Fin 7, Hafnium and Darkside.

However, the frequency in which organizations conduct cybersecurity crisis exercises varies significantly across sectors. An analysis of 6,400 crisis response decisions shows that technology and financial services companies prepare the most for cyberattacks, running nine and seven exercises per year respectively. On the other hand, critical national infrastructure organizations prepare the least, with just one exercise per year.

The report also took a look at application security and found that overall, AppSec teams develop human cyber capabilities faster than cybersecurity teams. Seventy-eight percent of all application security skills are developed faster than the expected completion time, as opposed to just 11% of cybersecurity labs. Furthermore, the average application security lab is completed 2.5 minutes under expected complete time, whereas the average time to complete cybersecurity labs is 17 minutes over. This continues to put a spotlight on the much-needed strategic alignment between AppSec and security teams to keep organizations secure.

Immersive Labs’ Cyber Workforce Benchmark report analyzed cyber knowledge, skills and judgment from over half a million exercises and simulations run by more than 2,100 organizations in the last 18 months. These were broken down to understand the workforce cyber capabilities of cybersecurity, application security and crisis response teams.

0 comments:

Post a Comment