Around 90% of organisations fail to detect, resolve cyber threat within an hour: Report
As many as 90% of organisations fail to detect cyber threats within an hour, said a report by cybersecurity firm Palo Alto. Out of the 2,500 firms surveyed by Palo Alto for their “2023 State of Cloud-Native Security Report”, a majority of the firms said that they need to apply more consistent governance across accounts, and streamline incident response, and investigation.
The surveyed companies said that they struggle with comprehensive security, compliance, and technical complexity; this phenomenon remains unchanged from Palo Alto’s 2020 survey. Almost half of the companies said that their workforce does not understand their security responsibilities.
With companies of all sizes moving their operation to the cloud, many find themselves ill-equipped to automate cloud security and mitigate risks. Many companies try to improve security in the development process itself and look for fewer vendors that can offer more security capabilities, the report said.
Due to the surge in the hybrid mode of working due to the pandemic, the companies rushing to expand Cloud usage increased by more than 25%. This sudden rise has resulted in the DevOps team delivering production code at warp speed, often making application security complex, and putting further pressure on security organisations to keep pace.
On the positive, more companies are encouraging deeper collaboration between application developers and security teams. Almost 81% of the respondents said that they have security professionals inside their DevOps teams.
“With three out of four organisations deploying new or updated code to production weekly, and almost 40% committing new code daily, no one can afford to overlook the security of cloud workload. As cloud adoption and expansion continues, organisations need to adopt a platform approach that secures applications from code to cloud across multi cloud environments,” said Ankur Shah, senior vice president, Prisma Cloud, Palo Alto Networks.
Three-quarters of the respondents also complained about the struggle to identify appropriate security for their objectives. More often than not, most of the firms implement several single-point solutions, which means that on average organisations use more than 30 security tools. This prevents leaders from getting in-depth visibility into their entire cloud portfolio; in fact 76% of respondents said that multiple tools create blind spots which prevent prioritising risks. Around 80% of them said that their companies would benefit from centralised security solutions across cloud accounts and services.