Complete cybersecurity service provider SecureData has today released research that reveals 34% of businesses would look to the black hat community to compensate for a lack of in-house skills.
Almost half (43%) of those surveyed at SecureData’s annual customer event in London also reported that an industry skills shortage is affecting their ability to adopt data-driven security, which 97% now believe is a prerequisite for any modern cybersecurity strategy.
The survey also revealed that while 80% of organisations are responding to incidents in-house, only 8% feel they are equipped to produce contextual threat intelligence – a core component of a data-driven cybersecurity strategy. To tackle this issue, two-thirds (61%) of businesses believe outsourced skills will be needed.
SecureData CEO, Etienne Greeff believes it’s little wonder businesses are considering ex-hackers for in-house security roles: “The IT security skills shortage isn’t a new debate, but it has now reached a point where it’s critical for businesses to think like the bad guys to stay one step ahead”.
Away from the security skills saga, other prominent factors preventing organisations from adopting a data-driven approach include: lack of time and resource (67%) and c-level buy-in (25%) but, tellingly, not one respondent claimed they had no need for data-driven security.
“Firms are moving from reactive, device-led protection strategies, to proactive detection and response, empowered by intelligence-led visibility and control,” adds Greeff. “But a mass of information isn’t intelligence; this raw data must be transformed by people with an offensive mindset and combined with processes and technologies to yield intelligence that’s both useful and useable”.
However, only 14% of respondents are already implementing data-driven strategies in their organisations. Despite almost all firms (92%) planning to adopt data-driven security, a third (33%) reported that implementation is still is up to year away, while even more (36%) said five years was a realistic timescale.
Greeff concludes: “In a world where every business is a digital business and no industry is safe from cyber attacks, it’s unsurprising that everyone is chasing the huge benefits of smarter security. From faster attack detection and response, to a better understanding of threats, or the ability to focus resources on the risks that matter, data-driven security is our best hope for solving today’s cybersecurity deadlock, which is something that can only be achieved by security personnel in tune with the black hat way of thinking”.