The health of cybersecurity programs have grown stronger in the past year, according to a DomainTools survey released Monday. In the Cybersecurity Report Card, more than 500 cybersecurity professionals were asked to grade the overall health of their programs, revealing a huge shift from the previous year’s results.
While cybersecurity incidents have increased in 2018, so have the measures companies are taking to thwart attacks. Some 21% of respondents graded their security programs an ‘A,’ 42% rated their efforts a ‘B,’ and the number of ‘C’ and below grades have declined, according to the press release.
The positive feedback can be attributed to automation, better training, a bigger threat infrastructure map, and forensic analysis, said the press release. Some 92% of grade A companies credited automation to their success, as automation eliminates time-consuming manual security processes, said the release. Individuals who gave their companies D and F ratings, on the other hand, reported their processes to be highly manual.
Training efforts were instrumental in high ratings for companies as well, according to the release. The number of employees who intended on skipping trainings decreased by 50% from 2017, and 5% of organizations plan on improving their trainings in 2018, said the release.
Additionally, 82% of security professionals emphasized value in DNS-based threat intelligence, 71% of grade A businesses have expanded from one indicator to a large threat infrastructure map, and A and B organizations reported using forensic analytics on compromised machines, said the release.
“In the midst of a seemingly never-ending flow of attacks, this annual report provides insight into the approaches that will take security grades from an F to an A.” said Corin Imai, senior product marketing manager at DomainTools, in the release. “It’s notable that A and B grades come from a strategic use of automation and that we are seeing a decrease in the number of teams using manual processes.”
The big takeaways for tech leaders:
- Cybersecurity professionals are rating their companies’ security efforts higher than last year. –DomainTools, 2018
- The majority of security employees from highly-rated companies attributed their success to automation, training, threat intelligence, larger threat infrastructures, and forensic analysis. –DomainTools, 2018