All eggs in one basket? 39%of enterprises in the META region have a security team within their wider IT department
Among enterprises in the META region, cybersecurity is managed by a dedicated department in more than half (58%) of them,, while only 25% of companies of this size have an in-house Security Operation Center (SOC) responsible for continuous monitoring and responding to security incidents. The primary driver for seeking increased IT security budgets over the coming years is to improve internal specialists’ expertise.
Businesses, and large enterprises in particular, require skilled professionals to protect from ever- evolving cyberattacks. Combining IT and security functions within a single department can be convenient and speed up many processes to this end. However, this approach also contradicts the
segregation of duties principle, as the same people would be responsible for both day-to-day IT initiatives as well as the evaluation of corresponding security risks. Kaspersky’s recent report on IT security economics looks into this conflict of approaches and unveils what today’s typical IT security
department looks like.
Respondents were asked if their companies employ highly specialized units within a cybersecurity department. In addition to SOC, 19%said that they have dedicated threat intelligence teams and 20%employ a dedicated malware analysis team.
Even though the share of such dedicated units seems small, the majority of organizations are ready to mitigate this by assigning budget to upskill their IT security staff. More broadly, 72%of all businesses expect that their investments into IT will grow in the next three years. Among them, 48% of enterprises are driven by a desire to improve internal specialists’ expertise, a primary driver for increased IT security budgets.
In order to address multiple organizational setups and different priorities or strategies, Kaspersky has split its B2B offering into frameworks based on customers’ IT security maturity – Kaspersky Security Foundations, Kaspersky Optimum Security and Expert Security. The recently launched Kaspersky MDR powers each framework, enabling an instant IT security function while allowing more mature IT security teams to focus on the most critical incidents.
“The survey results show that enterprise cybersecurity departments may come in many forms. It means that their needs and requirements also vary. With our framework approach we not only help customers to protect against cyberattacks based on their current capabilities, and irrespective of business size, but we outline how they can strengthen their internal security expertise further looking forward,” comments Sergey Martsynkyan, Head of B2B Product Marketing at Kaspersky.
Kaspersky Optimum Security framework enhances security against new, unknown and evasive threats by helping medium-sized businesses and smaller enterprises with limited cybersecurity resources to build incident response. Kaspersky Expert Security framework represents a holistic
strategy to help equip, inform and guide in-house experts to face the full spectrum of today’s complex threats, APT-like and targeted attacks. More information about the frameworks is available on the official web page.