
Sophos Report: Cybersecurity Depends on Human-led Teams


Behind every cyber threat is a cyber criminal, said security expert Sophos in a newly released study of the pressing need for security professionals to combat advanced attacks.

But what seems all too obvious is actually far more intricate. Fully combating sophisticated cyber attacks, which typically combine advanced technology with hands-on hacking, requires the “human expertise” of cyber security professionals, Sophos said in its report, entitled Cybersecurity: The Human Challenge.

Unfortunately, top-flight security defenders are in short supply. Still, faced with an increase in human-led attacks, most organizations are turning to human-led threat hunting, Sophos said. By the end of this year, 95% of the 5,000 IT managers in its worldwide study hope to incorporate human-led threat hunting into their arsenal. Getting there is another matter altogether. “Difficulties with the recruitment and retention of cybersecurity professionals is a limiting factor for the vast majority of organizations,” Sophos said. Nevertheless, the report shows that IT security teams are making steady progress in many skirmishes.

Cybersecurity: The Human Challenge - Key Sophos Findings

Here are the survey’s top-level findings:

On patching.  75% of IT teams apply patches to desktops, servers, applications, and internet-facing assets within a week of release. Servers and internet-facing assets are patched most quickly with 39% of respondents patching them within 24 hours.

On prevention. On average, IT teams dedicate 45% of their time to prevention, with 30% of time spent on detection and the remaining 25% on response.

On a step ahead. 72% of IT managers said they and their teams are current with or ahead of cybersecurity threats. 11% said they are significantly behind.

Human-led threat hunting.  48% of respondents have already incorporated human-led threat hunts in their security procedures. 48% plan to implement it within a year. 43% of ransomware victims plan to implement human-led hunting within six months, compared with 33% of those that didn’t suffer an attack.

On the skills shortage.  27% of managers said their ability to find and retain skilled IT security professionals is the single biggest challenge to their ability to deliver IT security. 54% say it is a major challenge.

On outsourcing. Outsourcing of IT security will rise to 72% by 2022 from its current 65%. The percentage of organizations that exclusively use in-house staffing will drop from 34% to 26%.

On operational efficiency. 39% of respondents said that improving operational efficiency and scalability is one of their biggest priorities for the IT team this year.

On ransomware victims. 29% of organizations hit by ransomware in the last year allow five or more suppliers to connect directly to their network compared with just 13% of those that weren’t hit by ransomware.

On skilled security professionals.  35% of ransomware victims said recruiting and retaining skilled IT security professionals is their single biggest challenge when it comes to cybersecurity, compared with just 19% who hadn’t been hit.

Cybersecurity: The Human Challenge - Scope of Study

“Given the ongoing cybersecurity skills shortages, IT teams will need to find different ways to extend and enhance their defenses in the face of evolving threats, and in particular the increase in human-led attacks,” Sophos said.

The study's data comes from a survey Sophos sponsored in January and February 2020 of 5,000 IT managers in 26 countries worldwide. Some 20 percent of the respondents came from IT technology and telecoms. The respondents work in a range of sectors, both public and private.

D. Howard Kass

D. Howard Kass is a contributing editor to MSSP Alert. He brings a career in journalism and market research to the role. He has served as CRN News Editor, Dataquest Channel Analyst, and West Coast Senior Contributing Editor at Channelnomics. As the CEO of The Viewpoint Group, he led groundbreaking market research.