2014 Cyberthreat Defense Report North America and EuropeDownload Now
How are other IT security practitioners thinking differently about cyberthreats and their defenses, and should we adjust our perspective and plans to account for these differences?
In war, knowing your enemy is imperative to establishing an effective defensive strategy. The same holds true for effective IT security, and several excellent industry reports help inform IT security professionals on this front. The annual Data Breach Investigations Report from Verizon, for example, sheds considerable light on the evolving nature of cyberthreats, the actors behind them, and the techniques being used to perpetrate successful attacks.
The Cyberthreat Defense Report informs the IT security community in another, complementary way. Based on a rigorous survey of IT security decision makers and practitioners across North America and Europe, the Cyberthreat Defense Report examines the current and planned deployment of technological countermeasures against the backdrop of numerous perceptions, such as:
- The adequacy of existing cybersecurity investments, overall and within specific domains of IT
- The likelihood of being compromised by a successful cyberattack within the next 12 months
- The types of cyberthreats and cyberthreat sources that pose the greatest risk to a given organization
- The effectiveness of both traditional and next generation/advanced technologies for thwarting cyberthreats
- The organizational factors that represent the most significant barriers to establishing effective cyberthreat defenses
- The most valuable solution capabilities and packaging options
By revealing these details we hope to provide IT security decision makers with a better understanding of how their perceptions, concerns, priorities, and – most importantly – current defensive postures stack up against those of other IT security professionals and organizations. Applied in a constructive manner, the data, analyses, and findings covered herein can be used by diligent IT security teams to gain insights into many practical questions, such as:
- Where do we have gaps in our cyberthreat defenses relative to other organizations?
- Have we fallen behind in our defensive strategy to the point where our organization is now the "low-hanging fruit" (i.e., likely to be targeted more often due to its relative defensive weaknesses)?
- Are we on track with both our approach and progress in continuing to address traditional areas of concern – such as strengthening endpoint security and reducing our attack surface – as well as tackling newer ones, such as providing security for mobility and defending against advanced persistent threats (APTs)?
A second objective is to provide developers of IT security technologies and products with some of the answers they need to better align their solutions with the concerns and requirements of their potential customers.
The net result should be better market traction and success for solution providers that are paying attention, and better cyberthreat protection technologies for all of the intrepid defenders out there.