Almost 40% of organisations are wasting their precious cyber security budgets

Almost 40% of organisations are wasting their precious cyber security budgets

Almost 40% of organisations are wasting their precious cyber security budgets

A large number of organisations are purchasing advanced security software and solutions at a great cost without assessing whether they have the manpower required to run these solutions, specific skills to optimise these assets, or whether they can integrate such solutions with their existing systems.
A recent survey of IT security experts carried out by edgescan has revealed that as many as 39 percent of organisations are spending their precious cyber security budgets on expensive security software and solutions that they have not been able to use and which ended up in the cupboard as a result.
While 39 percent of IT security experts said their organisations wasted money on security software and solutions, 18 percent said that their organisations spend more than £20,000 on solutions out of their cyber security budgets that were never installed or integrated into their security system.

Expensive security solutions emptying cyber security budgets

71 percent of the security professionals also said that the reason why advanced security solutions ended up in the cupboard is that their organisations do not have the manpower, specific skills, or time required to install them or integrate them with their existing systems.
Considering that a large number of organisations are not able to allocate the required money or resources to cyber security, the fact that whatever is allocated is wasted away in precious resources that cannot be exploited indicates that organisations are far from effectively utilising their security budgets to effectively respond to cyber security threats.
“The results of this survey suggest there is still a problem with how security is managed within organisations. Employees’ time and resources are being wasted in an attempt to face an ever-growing threat landscape, but working harder and spending more does not necessarily mean that an organisation is more prepared in the event of an attack,” said Eoin Keary, CEO and founder of edgescan.
“What organisations need is an IT security strategy. Visibility over the entire attack surface can be achieved with managed services, that can provide monitoring and intelligence, while the internal security team can have more time to concentrate on what they consider to be higher functions.
“With as many as 68% of the respondents to our survey rating their organisations’ visibility as just ‘average’, there clearly is a need for restructuring and optimising security operations,” he added.

False-positives consuming a lot of time and energy to address

The survey commissioned by edgescan also found that 64 percent of IT security professionals still lack complete visibility over web applications and end-points attached to their enterprise networks. 68 percent of them rated their visibility as “average” and said they did not monitor some connected devices as a usual practice.
The problem of manpower shortage in IT security teams is also far from being addressed, with 68 percent of security professionals admitting that their teams need more people to manage their organisations’ cyber security and to comfortably deal with vulnerability intellgence.
What’s worse is that IT security teams, already shorn of personnel, are spending a lot of time in addressing issues that ultimately turn out to be false-positives. While 60 percent of security personnel spend over three hours a day on validating false-positives, 30 percent of them spend over six hours every day in validating false-positives.
ALSO READ: Too much of a good thing? Security teams are overcome by alerts

Copyright Lyonsdown Limited 2021

Top Articles

RockYou2021 data leak: 8.4 billion passwords compromised

A report shows that 100GB of data which includes 8.4 billion passwords have been recently leaked on the internet, people are being encouraged to secure their accounts.

Hackers Breach Electronic Arts & Steal Game Code

Electronic Arts, one of the world's biggest video game publishers including games such as FIFA, Madden, Sims and Medal of Honor, are the latest company to be hacked.

JBS Foods paid £7.7m in ransom to REvil ransomware gang

JBS Foods, the world’s largest processor of beef and poultry products, has admitted to paying a ransom of $11 million to cyber criminals, a week after it announced that operations…

Related Articles

[s2Member-Login login_redirect=”” /]