The top threats remain email

[relemedf5w023]

For many CISOs, employees and other users remain the top security threat. Only 51% of CISOs believe they have achieved full security compliance across all employees through training and robust onboarding and offboarding processes.

, phishing, and risky user behavior. “In addition to addressing these risks with multi-factor authentication, advanced spam filtering, and Domain-based Message Authentication, Reporting, and Conformance (DMARC) to protect corporate email from breaches, it’s important to have an organizational process that starts on a new employee’s first day with security awareness training,” Nather said. These risks have consistently been a concern for 56-57% of respondents over the past three years. Combined with the lack of security awareness training for employees, this is likely the biggest gap that the security industry can help fill.

The research found that the methods CISOs use to ecuador mobile database their success are changing rapidly. The share of respondents using the average time to detect an intrusion to determine the effectiveness of protection fell from 61% in 2018 to 51% in 2019, while the “time to patch” fell from 57% to 40%. In contrast, the popularity of the “time to recover” metric increased from 30% to 48%.

More and more departments are involved in ensuring security
Risk assessments and metrics that span multiple departments are playing an increasingly important role in security technology selection, in part due to cyber insurance, the study found. These tools help CISOs focus on operational practices. Forty percent of respondents said they use cyber insurance at least partially when setting their budgets.