SEATTLE— DomainTools released today its annual Cybersecurity Report Card in which security analysts, threat hunters and other cyber professionals on the front lines self-grade the security posture of their organizations. Now in its third year, the survey responses build on the results of the previous 2018 and 2017 Report Cards and further strengthen and support numerous trends that have been playing out year-over-year. The report also provides insights into how successful organizations are adapting to the changing threat landscape.
Coming off of a year of major data breaches making headline news, it’s easy to draw the conclusion that security teams are losing the cybersecurity battle. However security pros are reporting real progress being made as confidence in their programs continues to grow: Thirty percent of respondents gave their program an “A” grade this year, doubling over two years from 15 percent in 2017. Less than four percent reported a “D” or “F”.
Security breaches among those surveyed are also continuing to decline year-over-year. The percentage of organizations that indicate they have been breached in the past 12 months has dropped from 26 percent in 2017 to 15 percent in 2019, according to the findings. The report also validates that automation is “working” and is playing an increasingly important role in securing these organizations.
“Cyber threats remain relentless and continue to evolve in complexity, so it is reassuring to see that the confidence of security teams in their security posture is growing in parallel with their success in defending against the latest attacks. It is also exciting to see the results of investments in automation and in-house SOCs paying off as the key components of driving this progress forward,” said Tarik Saleh, Senior Security Engineer & Malware Researcher.
Added Saleh, “Unfortunately, security teams report they are more short-staffed than ever, with the need for more staff as the number one hurdle to achieving an ‘A’ grade in 2019, overtaking budget issues from previous years.”
More than 500 security professionals from companies ranging in size, industry, and geography were surveyed to provide insight into what security initiatives are in use by top-rated organizations and where there remains room for improvement heading into 2020. Prominent findings include:
The report also looked at the most common threat vectors that organizations detect. Malware, spearphishing, and business email compromise are the three most predominant forms of attack, with ransomware and DDoS both showing 10 percent declines since 2017.
Read the DomainTools 2019 Cybersecurity Report Card to get the full story and a more in-depth analysis of these findings plus many others. Download the report now.
About DomainTools
DomainTools helps security analysts turn threat data into threat intelligence. We take indicators from your network, including domains and IPs, and connect them with nearly every active domain on the Internet. Those connections inform risk assessments, help profile attackers, guide online fraud investigations, and map cyber activity to attacker infrastructure. Fortune 1000 companies, global government agencies, and leading security solution vendors use the DomainTools platform as a critical ingredient in their threat investigation and mitigation work. Learn more about how to connect the dots on malicious activity at https://www.domaintools.com/ or follow us on Twitter: @domaintools.