AT&T Cybersecurity Insights Report Vol. 8: Executive Summary

Are the organizations who are investing more in cybersecurity achieving better outcomes than those who aren’t?

In a survey of 250 IT professionals, the number of organizations ranking cybersecurity solutions as being of “critical importance” has doubled since just three years ago. Yet, while cybersecurity investment is growing, why is it that less than half (42%) of organizations are confident in their risk management strategies (pg.2)?

The answer lies in the disconnect between how cybersecurity technologies are seen by top executives and how IT and security teams actually utilize them. Investing in cybersecurity is a crucial first step, but if an organization doesn’t have direction on where to place that investment, they could very well be wasting money and still leaving themselves vulnerable to attacks.

Todd Waskelis, AVP with AT&T Cybersecurity Solutions, says, “Not all investment is good investment. You need to know what your data security priorities are first. Without this understanding, you could just be chasing a shiny object of little value.”

The challenges of implementing edge-to-edge cybersecurity solutions

Many organizations view their cybersecurity risk management strategy as just a “checkbox” item. It’s an investment that looks good on paper and in presentations, but may not get full-scale buy-in, implementation, or compliance.

Additional challenges organizations see as they try to implement better security solutions and practices include: end-user resistance, inadequate budget for security, and a lack of true appreciation for the problem from C-level executives. In fact, 60% of C-level executives felt the security solutions already in place are keeping them completely or very safe—compared to 29% of IT security staff (pg. 9).

It’s these obstacles and gaps that lead to an inadequate cybersecurity infrastructure. Businesses know they need solutions in place, but they may not have the tools, expertise, or support to get the right solutions.

How MSSPs can help solve cybersecurity challenges

“The harsh reality is that no number of security systems can stop an attack,” says Barmak Meftah, President of AT&T Cybersecurity Solutions and CEO of AlienVault. “They can only reduce the risk. The severity of an attack is therefore determined by how quickly a company can detect and respond to threats as they occur.”

An MSSP helps organizations intelligently invest in the right array of technologies to help protect against, and respond to, cyberattacks.

"Top MSSPs can provide improved threat intelligence with highly specialized skills, helping organizations bridge the skills shortage. They also help remove the pressure from your IT/security teams, freeing them up to focus on core operations,” says Bindu Sundaresan, Strategic Solutions Practice Lead with AT&T Cybersecurity Solutions.

The right MSSP can help:

• Create a cost-efficient, centralized security strategy that will support business operations, not hinder them

• Enable the company to focus on new technologies and innovation, while the provider manages the cybersecurity strategy, if required.

• Offer a raft of other benefits, including 24/7 threat monitoring and support, the latest insights on emerging security threats, and access to enhanced network security features

Protecting against vulnerabilities, from the keyboard to the cloud

Cybersecurity has traditionally been viewed as an IT issue, but in today’s digitized world, that thinking is dangerous. Businesses need to eliminate silos and prioritize collaboration so that operations are transformed, and cybersecurity is placed front and center. Because MSSPs have a broader view of a client’s environment, they can help see to it that the client is not investing blindly, but shrewdly, in their defenses against cybercriminals.

Read the full report, Charting a new course: When investing more in cybersecurity isn't the answer, to discover more key insights on how to better invest in your cybersecurity.