According to a new report, when it comes to securing facilities, most companies prioritize prevention over detection, investigation and response. However, as a result, many companies are affected by data breaches or other attacks, and the incidents continue to worsen.
Exabeam researchers surveyed 500 IT security professionals and found that approximately two-thirds of respondents (65%) prioritized prevention as their endpoint security priority (opens in a new tab) goal.
For a third (33%) – detection was the top priority.
Too late to party
Worse yet, companies actually act on this mindset. Nearly three-quarters (71%) spend between 21% and 50% of their IT security budgets on prevention, while 59% invest as much as they do on detection, investigation and response.
According to Exabeam’s chief security strategist, Steve Moore, the problem with this approach is that companies focus on preventing fraudsters already behind walls, making their efforts futile.
“As everyone knows, the real question is not whether attackers are online, but how many there are, how long they’ve had access, and how far they’ve gone,” says Moore. “Teams need to socialize this question and treat it as an unspoken expectation to readjust their investments and execution with the necessary emphasis on adversary alignment and incident response. Prevention has failed.”
When asked if they were confident they could prevent attacks, most respondents said yes. In fact, 97% said they feel confident in their tools and processes to prevent and identify data breaches and breaches.
However, when asked if they would easily tell their boss that their networks had not been compromised at the time, only 62% would say yes, meaning more than a third had doubts.
In other words, Exabeam says the security teams are overconfident and have the data to back it up. Citing industry reports, the company says 83% of organizations experienced more than one data breach last year.