When it comes to company security, there is cause for concern.
Organisations are facing an average of 44 significant cyber incidents a year, and detection and response times are slow with three-quarters of organisations taking an average of six months or longer to detect and respond to an incident.
That’s according to EY’s recently released 2023 Global Cybersecurity Leadership Insights Study.
So, what’s going wrong?
It’s not that the technology isn’t there, nor that companies aren’t investing – with investment in cybersecurity between 2010 and 2022 growing at a CAGR of 16.6%, according to Pitchbook.
And the study, which surveyed 500 CISOs and C-suite members, reveals that a wave of new technology implementation is coming, with 84% of organisations in the early stages of adding two or more new technologies to their existing suite of cybersecurity solutions.
Ironically – it’s the very scale and complexity of security measures that is now posing the greatest threat to efficient cybersecurity, according to EY.
Put simply, it limits visibility.
“The more clutter you have in your technology environment, the harder it is to pick up signals and get on top of issues quickly,” says Richard Watson, EY Global and EY APAC Cybersecurity Consulting Leader.
EY recommends consolidating technology into a single platform and reducing the number of vendor products to ease integration, as this allows telemetry to flow to the surface more easily and helps security teams spot incidents more efficiently.
“CISOs need to transform how cybersecurity technology is introduced across the enterprise, developing a holistic technology strategy that rationalises existing systems and addresses the cybersecurity needs of emerging business imperatives such as cloud and ecosystem partnerships and makes full use of automation.”
This is especially urgent given that the known number of cyber-attacks has increased by around 75% over the past five years and ransomware costs are forecast to reach US$265 billion by 2031 – up from US$20 billion in 2021.
Secure Creators are setting the cybersecurity pace
The EY study identified organisations that have more effective cybersecurity outcomes. Known as Secure Creators, these make up 42% of organisations polled.
Described as having an approach to cybersecurity that “both protects and creates value for their organisation,” Secure Creators are significantly more likely to see positive impacts to their ability to respond to market opportunities and their pace of transformation and innovation.
So, what do Secure Creators do differently that makes them more effective in their cybersecurity outcomes?
According to EY, they are quick to adopt emerging technology and utilise automation to orchestrate their cybersecurity technology and streamline processes.
They are more focused on technologies that enable automation and are therefore more likely to use, or be in the late stages of adopting, AI or ML and Security Orchestration, Automation and Response (SOAR).
This provides a seamless, organisation-wide defence and a clear line of sight to cybersecurity incidents.
They have specific strategies for managing complex attack surfaces across the cloud, on-premises and third parties and they have integrated cybersecurity into all three levels of the organisation, from the C-suite to the workforce at large, and the cybersecurity team itself.
They are also more likely to say their approach to cybersecurity is tied to improved adaptability as threats change, with 45% reporting a positive impact.
EY urges cyber leaders to ensure they have a cybersecurity technology strategy that provides security through simplification:
- Simplify and rationalise existing cybersecurity technologies to reduce total cost of ownership and establish the platform for seamless operations at speed
- Review legacy systems that are duplicative or poorly integrated as part of technology modernisation
- Adopt simplified and automated cybersecurity processes, rather than multiple independent configurations
- Adopt emerging capabilities faster without introducing new risks or complicating the overall technology environment
- Consider automation-led approaches including DevSecOps and SOAR
- Pursue co-sourcing and a managed services approach that simplifies infrastructure and increases visibility while generating cost efficiencies