Security News > 2021 > November > Security teams need to become more proactive and risk-driven
Security teams doing reactive security tasks instead of being proactive.
While security teams aspire to do more proactive and risk-driven operations, like risk management, incident analysis, threat modeling, they spend most of their time doing foundational and reactive security tasks, like updating patches, researching and analyzing critical incidents and removing false positives.
Security teams are trapped doing the same thing they have been doing for years - reactive security.
"Security teams need to start evaluating business risk based on the likelihood of attack success and mapping that attack success to what it would actually cost the business. Focus on the critical issues that matter most to reduce the attack and outage impact."
A total of 333 qualified global IT and security professionals participated in the survey and carried enterprise security responsibilities at medium to enterprise-sized companies.
Companies experienced minimal security budget increases despite growing IT demands as a result of remote work shifts and COVID-19 impact: 19% reported no increases to security budgets, 29% received less than 10% budget and 8% received 50% or more budget increase.
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/oWKis91q5R8/
Related news
- SOC teams are frustrated with their security tools (source)
- Week in review: Microsoft fixes two exploited zero-days, SOC teams are losing trust in security tools (source)
- Top 5 Cloud Security Automations for SecOps Teams (source)
- Microsoft Ignite 2024 Unveils Groundbreaking AI, Security, and Teams Innovations (source)