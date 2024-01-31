The latest study titled 'The State of Threat Detection, Investigation and Response, November 2023,' conducted by International Data Corporation (IDC) and Exabeam, has unearthed some crucial insights about the state of cybersecurity in companies across North America, Western Europe, and the Asia Pacific and Japan (APJ). Despite reported improvements in security operations, the study found that over half (57%) of the companies experienced significant security incidents in the past year, underscoring the persistence of cybersecurity threats.

The Discrepancy Between Self-reported Measures and Actual Performance

Interestingly, the study reveals a striking discrepancy between self-reported cybersecurity measures and actual performance. Most businesses (over 90%) believe they have good or excellent threat detection capabilities, and 78% are confident in their threat investigation and mitigation processes. However, the rate of security incidents suggests otherwise. This disconnect points to a lack of full visibility and complete automation in threat detection, investigation, and response (TDIR) that is likely contributing to security gaps.

Monitoring Challenges and Automation Hesitation

The study found that organizations can monitor only 66% of their IT environments on average, which leaves critical blindspots, especially in the cloud. This lack of comprehensive oversight is a significant factor in the high rate of security incidents. Additionally, over half of the organizations have automated less than 50% of their TDIR workflow. This hesitation to fully embrace automation impacts the efficiency of defense operations and could be due to concerns about the absence of human oversight.

The Growing Need for Third-Party Assistance and AI-driven Automation

The report indicates a growing need for third-party assistance in managing threat detection and response, as well as a demand for solutions equipped with user and entity behavior analytics (UEBA). It also suggests that AI-driven automation is becoming increasingly sought after to improve security metrics and team morale. Given these findings, the study concludes that there is an expectation for continued demand for AI-powered security solutions that can help bridge the automation gap in cybersecurity, thereby improving threat detection and response.