The most glaring thing to us is how heavily cyber security budgets are skewed towards Protection/Prevention (80%), with not enough going to Detection/Monitoring/Intelligence (15%) and Response (5%). No wonder the median number of days before a breach is detected is 229 days and that 67% of companies learned they were breached from an external entity. In today’s world of “always-on” technology and not enough security awareness on the part of users, cyber-attacks are no longer a matter of “if” but “when.” We live in an age where information security prevention is not an option.
Where organizations do have a fully-fledged SOC including tools like SIEM, NGFW, IPS, Sandbox, etc., their ability to detect and respond to threats is still non-existent, because they are still too reliant on technology and prevention and do not rely enough on detection, response, intelligence, people and process. These solutions remain a key control for combatting today’s known attacks. However, they become less effective over time as hackers find new ways to circumvent controls.
Organizations should be investing in these 3 pillars of security equally, i.e. 33% of their cyber security budgets on Protection/Prevention controls, 33% on Threat Detection/Monitoring/Intelligence and 33% on Response capability. To assist clients on this journey, at LMNTRIX we are 100% focused on complementing customers’ existing Prevention efforts with affordable 24/7 advanced detection, response and prediction capability.