Security pros overconfident in the effectiveness of their tools

Security professionals are overconfident in their tools with 50% of respondents reporting that they have experienced a security breach because one or more of their security products was not working as expected.

The Security Operations Effectiveness survey from Keysight Technologies found that just over half (57%) of security professionals were confident their current security solutions are working as intended.

Yet, only 35% of survey respondents stated that they conduct testing to ensure their security products are configured and operating as they expect. To close this gap, 86% of respondents see strong value in security test solutions that can actively test their company’s security products and posture, using both internal and external attack vectors.

Keysight commissioned Dimensional Research to conduct the survey in November 2019, covering a total of 307 participants.

“Enterprises are faced with a continuous stream of cyberattacks that threaten their businesses, and in many cases they attempt to deal with these by buying more security tools. Yet they don’t know whether these products are delivering the protection they expect,” said Scott Register, VP of security solutions at Keysight’s Network Applications & Security Group.

“The disconnect is when good security tools are misconfigured or security teams lack the skills to use their tools,” Register said. “This situation leads to overspending on overlapping tools and compromises an organisation’s security posture. Ongoing testing of security solutions would give organisations the proof and confidence that they are protected, but also would provide the opportunity to save resources.”

The survey also shows that companies are breached often, with 75% of respondents saying their company had experienced a security breach (unauthorised intrusion, malware, hack etc), and 47% have experienced three or more breaches in the last three years.

Most organisations don’t verify their security is working as it should, with only 35% having test-based evidence to prove their security products are configured and working correctly.

Less than half (49%) of respondents stated they actively practice how to remediate and respond to security incidents.

Also, 66% of companies are using security solutions whose functions overlap, and for 41% of respondents this overlap is unintentional, wasting security budgets and management time without strengthening the organisation’s security posture.