Splunk reveals State of Security 2022 Report

Splunk in collaboration with Enterprise Strategy Group released the State of Security 2022, an annual global research report that examines the security issues facing the modern enterprise. More than 1,200 security leaders participated in the survey, revealing they’ve seen an increase in cyberattacks while their teams are facing widening talent gaps.

According to the report, 65% of respondents say they have seen an increase in attempted cyberattacks. In addition, many have been directly impacted by data breaches and costly ransomware attacks, which have left security teams exhausted:
 

● Nearly half (49%) of organizations say they have suffered a data breach over the past two years, an increase from 39% a year earlier.

● 79% of respondents say they’ve encountered ransomware attacks, and 35% admit that one or more of those attacks led them to lose access to data and systems.

● 59% of security teams say they had to devote significant time and resources to remediation, an increase from 42% a year ago.

● 54% of respondents report that their business-critical applications have suffered from unplanned outages related to cybersecurity incidents on at least a monthly basis, with a median of 12 outages per year.

○ The median time to recover from unplanned downtime tied to cybersecurity incidents is 14 hours. Respondents estimated the cost of this downtime averaged about $200,000 per hour.

● 64% of security professionals have stated that it's challenging to keep up with new security requirements, up from 49% a year ago.

Ryan Kovar, Distinguished Security Strategist, Splunk, said, “This survey has revealed that organizations are deeply concerned about supply chain attacks, especially after the SolarWinds hacks of 2020 and the Log4Shell incident in late 2021. Ninety percent of organizations reported that they have increased their focus on third-party risk assessments as a result of those high-profile attacks. In my 20 years in IT security, I’ve never seen software supply chain threats given this level of visibility. Unfortunately, this will only increase the already intense pressure security teams face.”

As cybercriminals become more persistent and workloads increase, many organizations have been impacted by the Great Resignation and the additional security challenges of remote work. These factors have exacerbated the already ongoing talent shortage within the cybersecurity industry:

● 76% of respondents say their team members have been forced to take on responsibilities they are not ready for, and 70% say that the resulting increase in their workload has led them to consider looking for a new role.

○ 85% of respondents say it has gotten harder to recruit and retain talent over the past 12 months.

● 53% of respondents say they can’t hire enough staff and 58% cite an inability to find talent with the right skills.

○ 68% of respondents report that talent shortages directly led to the failure of one or more projects/initiatives.

● 73% of respondents say that workers have resigned, citing burnout.

Organizations from around the world face similar security challenges, but many struggle to secure proper investment into their cybersecurity programs and face cybersecurity skills shortages. In India:

● Indian respondents report that only 33% of their organizations’ employees are currently working remotely, lower than the average in the rest of the world (49%).

● Among Indian organizations that have ramped up the number of remote workers since before the pandemic, 70% report that they’ve seen a significant uptick in attempted attacks on these individuals which is significantly higher that the global figure (21%) and 35% report challenges securing tools purchased to assist in the transition to remote work (versus 21% globally).

● Indian organizations are aggressively integrating non-security analytics in areas such as IT operations, business and risk management analytics with security analytics to improve decision-making.

○ 77% of respondents reported significant integration versus 37% across other countries.

○ Similarly, Indian organizations are on the leading edge when it comes to adopting security controls with machine learning capabilities. 72% of Indian respondents report extensive adoption versus 28% globally.

● Indian organizations are making security a top priority. In terms of security-based investments, 90% of respondents in India say that their organization will increase investments significantly in the next 12-24 months versus just 45% of their peers across the globe.

Jane Wong, Vice President of Security Products, Splunk, commented, “Our latest State of Security report has revealed the challenges security professionals face, but there are steps we can take to alleviate these issues. One positive sign is that over two-thirds (67%) of organizations are actively investing in technologies designed for advanced analytics and security operations automation. Automation is critical to help reduce the time it takes to respond to attacks, and these technologies should focus on assisting our human analysts, not replacing them. This can mean fewer tools, not more. For example, a platform approach can make it easier for security teams to take action on complex threats, while the basic stuff is remediated at machine speed. The result should be less sense of being overwhelmed — and less analyst burnout, but also reduced dwell time if the organization has been breached.”