Darktrace, a global leader in artificial intelligence for cybersecurity, today announced a new IDC InfoBrief, sponsored by Darktrace, entitled “Building the Case for a Virtuous Cycle in Cybersecurity”*. The research was conducted to identify the key challenges faced by cybersecurity professionals working in increasingly noisy cybersecurity environments and the report outlines recommended solutions to strengthen cyber readiness.
IDC conducted a survey of 300 organizations in the US and Europe, spanning multiple industries including financial services, transportation, and healthcare. The data showed that the key challenges facing most of these organizations relate to the ability to effectively prioritize and contextualize the large amounts of data organizations receive from multiple cyber security alert systems, as well as identify the key actions needed for effective mitigation of threats and vulnerabilities are required.
The main results of the study are:
Evolving attack vectors make it difficult to be proactively prepared, with only 31% of respondents very confident in their tools’ ability to continuously adapt to new configurations
Dynamic testing capabilities are lacking, with 65% of participants agreeing that penetration testing is a snapshot that is of limited value as it quickly becomes obsolete
While 76% of the professionals surveyed believed that visualizing attack paths were of medium or high importance, only 29% were very confident that they had a robust mechanism in place to test their environments against the most up-to-date threat vectors
The number of organizations that can continuously conduct preventative exercises such as penetration testing and attack surface assessments is only between 24% and 31% across industries
The IDC InfoBrief calls for the adoption of a “virtuous cycle” model to address these critical security vulnerabilities, encompassing prevention, detection, response and cure. It calls for “a multi-pronged approach that includes establishing a security posture and proactively managing access and resources, monitoring what’s happening in the environment, and ensuring an expedient remediation approach including backup and disaster recovery.” The study also elevates AI as a solution for enhanced detection and response capabilities and continuous surveillance, and plays an integral role in the “Virtue Cycle” by citing AI’s ability to look for subtle changes in the behavior of entities within a network.
“This study shows that organizations need to take a holistic approach to improve their preparedness,” commented Christopher Kissel, research vice president of IDC’s Security & Trust Products. “The solution is to create a virtuous circle and use AI to create an ecosystem across an organization capable of continuously stress testing environments, providing an immediate response and determining if the remediation works .”
“Security teams don’t need more data, they need clear prioritization and intelligent automation to lighten the load, and this report shows that in concrete terms,” said John Allen, VP of Cyber Risk and Compliance at Darktrace. “Security professionals are inundated with vulnerabilities and can’t find them all in time. At Darktrace, we’re committed to providing an AI loop that provides continuous visibility that prioritizes security teams into actionable actions and hardens vulnerabilities. Here’s how we help security teams become proactive.”
Darktrace PREVENT™ is the third of four product families in Darktrace’s Cyber AI Loop™, which also includes Darktrace DETECT and RESPOND™. The final part of Darktrace’s Cyber AI Loop, Darktrace HEAL™, will launch in 2023.
Jim Webber, vice president of information technology at Direct Federal Credit Union, commented on PREVENT’s effectiveness and its ability to extend an entire security ecosystem: “PREVENT is constantly looking for assets that exist outside of our internal IT environment. With PREVENT, since I’m constantly running vulnerability tests on our behalf, I don’t have to worry about missing anything – that’s very reassuring.”