The State of the Security Team

Data on a laptop screen.

The success of the cybersecurity team requires support across the entire organization. LogRhythm’s 2022 State of the Security Team global research report, provides insightful statistics regarding the current stressors security professionals face, and ways executives can address these challenges.

In this blog, we’ll cover key findings from the research which highlight how to better support your first line of defense, the security team. You can also hear directly from the experts on this matter by joining our webinar featuring LogRhythm’s CISO and Deputy CISO.

2020 vs 2022 state of security research trends

In 2020, LogRhythm’s research found significant misalignment between executives and their security teams; only 43% of respondents indicated they received enough support with regards to budget, strategic vision, and buy-in. Two years later, we’ve gathered some intriguing insights; in 2022, support nearly doubled with 83% of respondents stating they now have executive support. This indicates better awareness and alignment between executives and security teams — which shows great progress in the industry!

With executive support rising, what are some of the latest challenges security teams face and how can executives address these problems? Our 2022 research concludes three major findings.

3 findings from The State of Security Team 2022 report

Below you’ll find key themes and challenges that organizations across the globe are dealing with. You can also skip to our infographic for quick data points!

1. Security is no Longer an Internal Affair; Customers and Partners Now Demand Higher Standards

Keeping the business secure while ensuring the success of the organization, means more than just protecting your internal workforce and assets. Statistics show that cybersecurity greatly impacts relationships with customers and partners:

  • 91% admit their security strategy must align to customer requirements
  • 85% say they must provide proof to meet partner requirements
If you’re not meeting third-party security demands, then your business will lose opportunities. Our data revealed that 67% of organizations admitted to losing deals by failing to meet customers’ security requirements. Third-party relationships create potential avenues for attackers to enter into the environment and so this risk must always be considered:

“Legal, risk management, and security leaders recognize that no matter how much effort — and budget — they put into security, third parties can undermine years of work. Target, SolarWinds, and Kaseya are easy examples, but plenty more exist. In the business-to-business (B2B) world, prospects weigh the solutions’ capabilities against the risk they introduce if adopted based on the sellers’ security posture and practices. Partners do the same in the business-to-consumer (B2C) world.” – Forrester, CISOs’ Tactics to Win Every Budget Battle

This certainly reinforces the notion that security has become a business imperative over the years. To achieve success, business executives and security leaders must develop close-working relationship with third-parties to ensure effective communication, instill trust, and align with their top priorities.

2. High Team Stress and Turnover Lead to Higher Security Risk

It’s no secret that security teams face a lot of pressure year over year. Keeping up with internal and external stakeholders’ demands, while protecting the organization, results in an overwhelming amount of work and responsibilities — and this comes at a cost. Our data shows that 70% of security professionals say that work-related stress is increasing and 77% of executive participants state employee turnover compromises security team effectiveness.

When asked, “Which of the following has increased your work-related stress level?” Participants mentioned the following top choices:

  • Growing attack sophistication
  • More responsibilities
  • Increasing attack frequency

It’s necessary to confront these challenges head-on because a less effective team leads could lead to more security gaps and increased risk. To alleviate stress and help security teams better manage the scale and sophistication of attacks, many CISOs invest in security tools to address these issues. That said, this brings us to our next point… security tools alone do not fix all problems. If they are not implemented or managed properly, this can cause more strain on the security team and more noise to sift through in the environment.

3. Companies Lack a Strategy for Adding New Security Capabilities That Improve Security While Reducing Stress

According to our state of security research, 85% of companies have an increasing trend of overlapping security solutions, yet 56% mention that the overlap is accidental. As a result, security teams face additional work to deploy and maintain duplicative tools.

Consolidating tools, reducing overlap, and choosing the best solution should be a top priority. Before purchasing tools for the SOC, leaders need to understand how the SOC would benefit from a particular technology and what threats the business is concerned about to better align with those use cases. According to Gartner, there are several steps security and risk management (SRM) leaders can take to identify the best SOC tool that fits their organization’s specific needs.

“SRM leads can improve the odds of selecting the right tool for the organization by gaining consensus during a premortem analysis on what could go wrong and which success metric should apply to a project. The premortem can also serve as an early-stage vehicle for collecting initial use cases and requirements.”

The types of questions Gartner suggests that security leaders ask during a premortem analysis are things such as:

  • What is the outcome we require for this security tool?
  • Do we have the correct skills and team resources internally to manage the security tool?
  • What lessons from other tool implementation projects apply to this?
  • How are we going to track this project?
  • What is the operational cost to incorporate a new security product?
  • Can adoption of the new tool displace legacy security products and processes. If yes, what are the potential cost savings?

Read through this Gartner research report for more tips on selecting the right tool for your SOC. It is vendor-agnostic and provides a useful methodology to follow when making purchasing decisions.

Address your security team challenges today!

Cybersecurity is a business imperative, but security teams face a wide variety of challenges; digital transformation is expanding the attack surface; external stakeholders are focused on the efficacy of cybersecurity, and overlapping cybersecurity tools cause stress on already stretched security teams.

To overcome these recent obstacles, “Executives need to pay more attention to the priorities of frontline security professionals and focus on consolidation, training, and staff retention. It is equally important to ensure security teams are armed with the appropriate resources to meet regulatory compliance requirements, as well as internal and external stakeholder demands.” – LogRhythm, The State of the Security Report 2022

Infographic: State of the Security Team

For quick data points from our global research report, skim through our state of security team infographic below!

State of the Security Team infographic