Research from Aruba and the Ponemon Institute Demonstrates that Security Teams See Autonomous Learning Technologies and Network Visibility for Users and IoT Devices as Essential to Counter Stealthy Threats within their IT Infrastructures
As companies struggle to combat growing sophisticated cybersecurity attacks, the severity of this is exacerbated by the disappearance of IT perimeters in today's mobile and IoT era, coupled with the acute shortage of qualified security staff, teams IT security needs both a new approach and powerful tools to protect data and other valuable resources. Increasingly, they are turning to seeing artificial intelligence (AI) as a key weapon to win the battle against silent threats within their IT infrastructures, according to a new global research study conducted by the Ponemon Institute of the by Aruba, a Hewlett Packard Enterprise (NYSE: HPE) company.
The Ponemon Institute study, titled "Closing the IT Security Gap with Automation and AI in the IoT Age," surveyed 4,000 IT security professionals in America, Europe, and Asia to understand what makes it so difficult. close IT security gaps and what types of technologies and processes are needed to stay one step ahead of bad actors in the new threat landscape.
The research revealed that security systems incorporating autonomous learning and other AI-based technologies are essential to detect and stop attacks targeting IoT users and devices, in order to successfully protect data and other valuable resources. Most respondents agreed that AI-powered security products will help:
* Reduce false alarms (68 percent)
* Increase the effectiveness of your team (63 percent)
* Provide greater efficiencies for research (60 percent)
* Improve their abilities to discover and respond more quickly to sneak attacks that have been evaded by perimeter defense systems (56 percent).
Twenty-five percent of respondents said they currently use some AI-based security solution, with another 26 percent saying they plan to develop these types of products within the next 12 months.
Current Security Tools are Not Enough
Despite large investments and cybersecurity programs, our research found that most companies remain unable to stop advanced and targeted attacks, with 45 percent believing they are not realizing the full value of their arsenal of defense, ”said Larry Ponemon, founder of the Ponemon Institute and principal investigator. "The situation has become the perfect storm, with almost half of respondents saying that it is very difficult to protect complex and dynamic attack surfaces, compounded by the lack of security personnel with the experience necessary to combat today's attackers. day they are persistent, sophisticated, well
trained and financed. Against this background, AI-based tools, which can automate tasks and give IT staff the freedom to manage other aspects of a security program, were seen as a key weapon in helping companies keep up with increasing threat levels. ”
IoT and Cloud add Significant Risk
Ponemon researchers found that most IT security teams consider one of the key gaps in the company's overall security strategy to be the inability to identify attacks using IoT devices as the entry point. In fact, over three-quarters of respondents believe IoT devices are not secure, with 60 percent claiming that even simple IoT devices pose a threat. Two-thirds of respondents admitted that they have little or no ability to currently protect their "stuff" from attack. Continuous monitoring of network traffic, closed-loop detection and response systems, and detection of behavioral anomalies between pairs of IoT device groups were singled out as the most effective approaches to better protect their environments.
Even a proprietary model for IoT security represents a potential risk. When asked who was responsible for IoT security within their organization, the responses ranged from CIO, CISO, CTO, and line-of-business leaders, without majority consensus. Only 33 percent identified the CIO, with no other executive or functional group, achieving a total response of over 20 percent. "No Function" was the third highest response (15 percent).
The survey results also highlighted the importance of visibility and defining what resources people and IoT devices have access to, with 63 percent of respondents claiming that network access control is an overall important element of your company's security strategy and critical to narrowing the scope of internal security vulnerabilities. Detailed information on applications (71 percent), endpoints (69 percent), cloud (64 percent), and networks (63 percent) was also cited as important, with more than half saying that solutions are currently in place. access control to allow visibility and control across both wired and wireless networks.
Additionally, more than half of respondents said it is difficult to protect the blurring and growing IT perimeters resulting from requirements to simultaneously support IoT, BYOD, mobility, and cloud initiatives (55%).
"Partnering with Instituto Ponemon helps us improve customer experiences by better understanding the challenges of security teams and thus providing them with advanced solutions that enable them to quickly identify and respond in an ever-changing landscape," said Larry Lunetta, vice president of marketing security solutions, in Aruba. "The information gained from this study enables us to continually improve our ability to provide an integrated wireless and wired network security framework and a more comprehensive approach to regain visibility and control."
Ponemon's Findings Parallel to Other Aruba Investigations
The findings from the Ponemos Institute study parallel those of a June 2018 Aruba global study of 7,000 employees across 15 countries revealed that cybersecurity is a challenge for employers, especially for those working in smart buildings.
* The report found that although employees reported higher levels of cyber security awareness (52 percent think frequently or daily about security), they also admitted that they take more risks with company data and devices, with 70 percent that supported risky behaviors like sharing passwords and devices.
* It also showed that 25 percent of employees have connected to potentially insecure open Wi-Fi in the past 12 months, 20 percent said they use the same password in different applications and accounts, and 17 percent admitted that they type the passwords to remember them.