Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Tenable Blog

Subscribe

Global Cybersecurity Confidence Declines

The newly released 2017 Tenable Network Security Global Cybersecurity Assurance Report Card, with research conducted by CyberEdge Group, updates findings from the 2016 Global Cybersecurity Assurance Report Card. With the addition of France, India and Japan, Tenable surveyed 700 security practitioners from nine different countries across seven industry verticals. The report assesses the overall confidence levels of information security professionals in detecting and mitigating organizational cyber risk.

Global trends

This year, overall confidence levels dropped by six points to a 70%, or a C-, reflecting a decline in perceptions of global cyber readiness, fueled by the challenges of assessing and mitigating cyber risks across the evolving threat landscape. According to the data, many IT security pros feel overwhelmed by the number of breaches, and are struggling to keep pace with cloud adoption, mobile computing, DevOps environments, containerization platforms, web apps and more.

Collectively, participants scored just 61% on the Risk Assessment Index, a 12-point drop from 2016, and 79% on the Security Assurance Index, which remains unchanged.

New to the 2017 report, containerization platforms and DevOps environments are a growing concern across all countries and industries. In fact, global cybersecurity practitioners gave themselves a D on their overall ability to assess risk, with failing grades for emerging tech, including containers (52%), DevOps (57%) and mobile (57%). Compared to last year, confidence in cloud security dipped seven points to 60% or a D-.

There isn’t one contributing factor to the massive decline in Risk Assessment scores; it’s a by-product of the ephemeral nature of assets and the expanding attack surface

The biggest takeaway, however, is that there isn’t one contributing factor to the massive decline in Risk Assessment scores; it’s a by-product of the ephemeral nature of assets and the expanding attack surface. The modern enterprise network includes mobile, cloud, web apps, internet of things, BYOD, containers and virtual machines that must be constantly maintained and secured. Technology drives innovation, but it also creates more complexities and room for vulnerabilities to work their way into the network.

While alarming, the 12-percentage point drop in Risk Assessment indicates that respondents understand the challenges of today’s complex and interconnected attack surface while acknowledging gaps in their ability to assess risk in emerging technologies.

Staying positive

Although overall confidence was down in five out of the six returning countries and five out of seven industries, levels of optimism remained comparable to last year, with 43% of respondents feeling “somewhat more optimistic,” compared to 38% last year.

Additionally, the two highest global Security Assurance Index scores were the ability of security professionals to measure security effectiveness: 83% or B, and the ability to convey risk to business executives and the board: 80% or B-.

This signifies a level of growth and maturity among security professionals, and their commitment to aligning security with business objectives. Higher Security Assurance grades mean that respondents feel comfortable talking about and reporting on network security, and sharing information with the c-suite.

The road to improvement

It’s more important than ever to have continuous visibility into all assets across cloud, hybrid and on-premises environments

What can security professionals do to improve Risk Assessment and Security Assurance scores? One of the best starting points is to know exactly what is on a network at all times. You can’t secure what you don’t know about, and in today’s highly distributed and complex IT landscape, it’s more important than ever to have continuous visibility into all assets across cloud, hybrid and on-premises environments. Staying ahead of the security challenges that accompany new trends and technologies is also a priority.

Change often occurs at the highest level, so it’s also important to measure security effectiveness and to communicate risk up the chain. One way for infosec pros to convince business executives that cybersecurity should be treated as a top business concern is to have the right metrics and reporting procedures in place, readily available and easily digestible for decision makers who lack in-depth security expertise. That starts with having a resilient security program with the right visibility and context needed to not only identify network threats, but also provide data and benchmarks to drive improvement.

More information

You can access the full 2017 Global Cybersecurity Assurance Report Card, download infographics and other assets, and read about the survey methodology in more detail on the 2017 Global Cybersecurity Assurance Report Card landing page. To compare year-over-year results, check out the 2016 Global Cybersecurity Assurance Report Card landing page and summary blog. And stay tuned for on-demand webinars coming in early January 2017.

Related Articles

Cybersecurity News You Can Use

Enter your email and never miss timely alerts and security guidance from the experts at Tenable.

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable Vulnerability Management trial also includes Tenable Lumin and Tenable Web App Scanning.

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

100 assets

Choose Your Subscription Option:

Buy Now

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable Vulnerability Management trial also includes Tenable Lumin and Tenable Web App Scanning.

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

100 assets

Choose Your Subscription Option:

Buy Now

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable Vulnerability Management trial also includes Tenable Lumin and Tenable Web App Scanning.

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

100 assets

Choose Your Subscription Option:

Buy Now

Try Tenable Web App Scanning

Enjoy full access to our latest web application scanning offering designed for modern applications as part of the Tenable One Exposure Management platform. Safely scan your entire online portfolio for vulnerabilities with a high degree of accuracy without heavy manual effort or disruption to critical web applications. Sign up now.

Your Tenable Web App Scanning trial also includes Tenable Vulnerability Management and Tenable Lumin.

Buy Tenable Web App Scanning

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

5 FQDNs

$3,578

Buy Now

Try Tenable Lumin

Visualize and explore your exposure management, track risk reduction over time and benchmark against your peers with Tenable Lumin.

Your Tenable Lumin trial also includes Tenable Vulnerability Management and Tenable Web App Scanning.

Buy Tenable Lumin

Contact a Sales Representative to see how Tenable Lumin can help you gain insight across your entire organization and manage cyber risk.

Try Tenable Nessus Professional Free

FREE FOR 7 DAYS

Tenable Nessus is the most comprehensive vulnerability scanner on the market today.

NEW - Tenable Nessus Expert
Now Available

Nessus Expert adds even more features, including external attack surface scanning, and the ability to add domains and scan cloud infrastructure. Click here to Try Nessus Expert.

Fill out the form below to continue with a Nessus Pro Trial.

Buy Tenable Nessus Professional

Tenable Nessus is the most comprehensive vulnerability scanner on the market today. Tenable Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy a multi-year license and save. Add Advanced Support for access to phone, community and chat support 24 hours a day, 365 days a year.

Select Your License

Buy a multi-year license and save.

Add Support and Training

Try Tenable Nessus Expert Free

FREE FOR 7 DAYS

Built for the modern attack surface, Nessus Expert enables you to see more and protect your organization from vulnerabilities from IT to the cloud.

Already have Tenable Nessus Professional?
Upgrade to Nessus Expert free for 7 days.

Buy Tenable Nessus Expert

Built for the modern attack surface, Nessus Expert enables you to see more and protect your organization from vulnerabilities from IT to the cloud.

Select Your License

Buy a multi-year license and save more.

Add Support and Training