Sophos, a company specializing in cybersecurity services, has released a survey report entitled “The State of Cybersecurity 2023: The Business Impact of Adversaries on Defenders,” which found that 93% of organizations in Asia Pacific and Japan find executing essential security operations such as threat hunting to be challenging. Additionally, 76% of respondents have difficulty identifying the root cause of an incident, making proper remediation difficult and leaving organizations vulnerable to repetitive or multiple attacks by the same or different adversaries. The report also found that 74% of organizations have difficulty understanding which signals/alerts to investigate and 71% have challenges prioritizing investigations.
Furthermore, half of the organizations surveyed stated that cyber threats are too advanced for them to handle alone, and 63% wished their IT team could focus more on strategic issues instead of firefighting. The survey also found that the majority of organizations (94%) work with external specialists to scale their operations but are still involved in managing threats themselves instead of taking a fully outsourced approach.
John Shier, the Field CTO of Sophos, commented on the report, stating that vulnerabilities and remote services are a top cybersecurity risk for 2023, despite only one-fifth of respondents considering them to be so. He added that operational issues cascade, and organizations need to eliminate blind spots by having external audits and monitoring. The report concludes that eliminating guesswork and applying defensive controls based on actionable intelligence will allow IT teams to focus on enabling the business instead of trying to douse the eternal flame of active attacks.
11 April 2023
