Report: Cybersecurity teams need nearly 100 days to develop threat defenses

Did you miss a session at the Data Summit? Watch On-Demand Here.


A recent analysis by Immersive Labs of 35,000 cybersecurity team members inside 400 large organizations found that it takes over three months (96 days) on average to develop the knowledge, skills and judgment to defend against breaking threats. One particular breaking threat took, on average, more than six months (204 days) to master, causing concerns for organizations that are forced into swift action.

On the flip side, four of the top five fastest-developed skills in 2021 revolved around the Log4j vulnerability. The increase in sophisticated threats is forcing organizations to find ways to ramp-up skills faster and more efficiently; however, unfortunately, a large gap still exists. Development of knowledge, skills and judgment was also faster against high-profile threat groups. The top five of interest are UNC2452 (Solarwinds), Iranian Threat Groups, Fin 7, Hafnium and Darkside.

However, the frequency in which organizations conduct cybersecurity crisis exercises varies significantly across sectors. An analysis of 6,400 crisis response decisions shows that technology and financial services companies prepare the most for cyberattacks, running nine and seven exercises per year respectively. On the other hand, critical national infrastructure organizations prepare the least, with just one exercise per year.

The report also took a look at application security and found that overall, AppSec teams develop human cyber capabilities faster than cybersecurity teams. Seventy-eight percent of all application security skills are developed faster than the expected completion time, as opposed to just 11% of cybersecurity labs. Furthermore, the average application security lab is completed 2.5 minutes under expected complete time, whereas the average time to complete cybersecurity labs is 17 minutes over. This continues to put a spotlight on the much-needed strategic alignment between AppSec and security teams to keep organizations secure.

Immersive Labs’ Cyber Workforce Benchmark report analyzed cyber knowledge, skills and judgment from over half a million exercises and simulations run by more than 2,100 organizations in the last 18 months. These were broken down to understand the workforce cyber capabilities of cybersecurity, application security and crisis response teams.

Read the full report by Immersive Labs.

VentureBeat’s mission is to be a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact. Learn More

Note: This article have been indexed to our site. We do not claim legitimacy, ownership or copyright of any of the content above. To see the article at original source Click Here

Related Posts
Grayscale DeFi Introduction Report: Internet Banking Across Borders thumbnail

Grayscale DeFi Introduction Report: Internet Banking Across Borders

去中心化金融(DeFi)是一种冉冉升起的新兴加密货币创新,它打破了银行和边界的桎梏,创造了全新的互联网原生全球金融生态系统。目前,DeFi已经开始重塑全球金融和电子商务,但此资产类别对许多投资者来说仍充满了神秘意味。对此,灰度发布了《灰度DeFi入门》,提供了DeFi的概述,讨论了使用案例,深入地研究为Web 3.0加密云经济提供动力的金融系统。 来源丨Grayscale编译丨NingWeb 3.0云经济报告认为,随着技术栈的扩展,互联网将继续演进。加密货币资产是一个位于互联网和新兴市场的交汇处的全新投资领域。过去的创新,如互联网连接、云智能、全球移动性和金融技术金融已经与加密货币的信任和计算层相结合,形成了互联网原生的加密货币云经济。该经济通过向全球传统经济体出口互联网商品和服务持续快速增长。而DeFi应用作为技术栈中代表着金融网络的所有权的新层级,正推动这种被称为Web 3.0的互联网范式转变。加密货币增长的进阶报告指出,互联网原生加密云经济如浪潮般涌现。数字货币、云经济平台和金融生态系统是迄今为止加密货币最引人瞩目的三个阶段。与互联网的Web 1.0和Web 2.0阶段类似,其均建立在前一阶段的基础上并得到进一步加强。具体而言,比特币的区块链实现了可信的价值交换;以太坊的计算机实现了数字商业的法律协议数字企业的法律协议;DeFi的开放API实现了一个全球银行生态系统。任一创新为实现一个更强大的以互联网为基础的全球社会奠定了基础。从历史上看,随着加密货币经济的扩张,最为接近的趋势将迎来最为迅猛的增长,而DeFi也遵循这一趋势。跨越银行业的创新报告提出,DeFi是由在以太坊等加密云经济平台上运行的软件应用支持的一个互联网原生银行服务的生态系统。DeFi应用,由于全球性质通常被称为DApps(去中心化应用),其利用开源的由加密网络用户管理的开放源码软件协议,使传统金融公司提供的许多服务实现了金融脱媒。尽管DeFi在近年才兴起,但该行业已经迅速成熟并促进部分基础性的银行服务,包括稳定币、借贷、交易所。衍生品、数据、资产管理等。DeFi借贷与银行存款和储蓄账户竞争,让用户自由储存资金并获得更高的利率。DeFi交易所使交易像发送电子邮件般便利,流动性网络如同SMTP连接电子邮件提供方,并有可能将集中式交易所变成 以“电子邮件为前端”的统一资本市场系统。DeFi机器人顾问的回报自动化战略正在提升资本市场的效率,这在DeFi的开放银行数据API之前是不可能的。DeFi使任何人向全球任何有互联网连接的任何人提供这些金融服务。金融业的颠覆自2015年MakerDAO推出以来,众多DeFi应用如雨后春笋般,遍及各大银行部门。经过几年的技术迭代后,2020年成为DeFi发现产品市场契合点并真正起飞的一年。DeFi中的头部合约价值从不到10亿美元上升到今天接近900亿美元。DeFi的价值创造在各个领域都有所不同,到目前为止,去中心化的交易所和借贷平台占据了主导的增长份额。随着技术的成熟,该领域的其他部分将持续发展。DeFi正在迅速达到一个临界点,新生的协议生态系统开始与现有的金融服务竞争。值得注意的是DeFi令人叹为观止的增长速度,DeFi的资产现在的价值占标准普尔500指数金融服务部门4.2万亿美元市值的2.6%以上,在不到两年的时间里上升了25倍。然而,与总可用市场(TAM)的市值相比,DeFi生态系统仍处于早期阶段,其总市值仍然只占全球金融服务行业8万亿美元市值的约1.6%,仅摩根大通的市值就几乎是整个DeFi生态系统规模的5倍。但DeFi仍有巨大潜力通过吸收传统金融业的份额实现增长,并在价值近2万亿美元的加密经济中增加份额。DeFi的采用和机会根据报告数据,近年来,DeFi采用迎来迅猛增长。2021年第三季度末,使用DeFi的地址总数达到350万,同比增长6倍以上。在在技术可行性与竞争效用的应用验证中,许多流行的个人DeFi协议的用户增长从线性增长发展至指数级,若该增长速度能够继续下去的话,其将很快接近领先银行的规模。DeFi应用所服务的总价值锁定(TVL)在去年增长了7700多倍,到2021年第三季度达到1720亿美元,锁仓总额已达到美国商业银行存款总额的1%,以资产而言,这已促使DeFi成为的美国第18大银行。通过这些资产,在截至21年8月10日的前6个月中,领先的DeFi协议在各个领域创造了24亿美元的收入,使DeFi有望创造近50亿美元的年化收入。全球金融系统通过为约300万亿美元的资产提供服务,产生了5.5万亿美元的收入,而在成熟期,美国每个平均数字钱包客户在美国商业和金融产品中的潜在价值估计为19,000美元,这也为DeFi的发展蕴藏了巨大的机会。DeFi生态系统面临的风险报告指出,监管的不确定性是DeFi的核心风险。Crypto和DeFi正在寻求形成一个新兴的市场云经济,但这些全球组织仍然必须参与到国际关系,否则将面临外国制裁的风险。DeFi的其他风险还包括可能的黑客攻击或漏洞、技术成熟度,加密货币价格波动性、以及一些未经证实的经济或治理模式。加密货币创造了一个由其用户拥有的互联网,DeFi使这些用户能够拥有该金融生态系统的一部分。DeFi是加密云经济增长的第三阶段,也是金融科技创新的下一波风口。互联网扩大了对信息的获取方式,而DeFi有能力为银行业塑造同样的故事。DeFi寻求改变人们在互联网上构建信任的机制,并为3300万美国银行服务未能触达的家庭、全球17亿未享受与银行服务的成年人以及46亿互联网用户提供新的银行业务替代方案。
Read More
The NFL and Amazon are using AI to invent new football stats thumbnail

The NFL and Amazon are using AI to invent new football stats

The National Football League, like most professional sporting industries, is embracing artificial intelligence. Through a partnership with Amazon Web Services called Next Gen Stats, the NFL is hoping that intelligent algorithms, with the help of high-tech data collection tools, will be able to extract meaningful data from games and decipher patterns in player performances. AWS
Read More
Fans rebel after Ubisoft announces Ghost Recon Frontline thumbnail

Fans rebel after Ubisoft announces Ghost Recon Frontline

October 5, 2021 1:34 PM Join gaming leaders online at GamesBeat Summit Next this upcoming November 9-10. Learn more about what comes next.  Ubisoft today revealed its latest Tom Clancy project, Ghost Recon Frontline. It’s a free-to-play first-person shooter, and its flagship “mode” is a battle royale in the style of Call of Duty: Warzone.…
Read More
Danubius Informatika thumbnail

Danubius Informatika

Interjú Fogarasi Saroltával, a vállalat elemzőicsapatának vezetőjével. Számos mítosz övezi az agilis módszereket, amelyek elfogadását és sikeres alkalmazását nemcsak a félreértések, hanem a változással szemben érzett félelem, a reflexszerű elutasítás is nehezíti a nagyvállalatoknál. Tudatos és türelmes megközelítéssel azonban ezek az akadályok gyorsabban leküzdhetők, mint sokan gondolnák. A digitális gazdaságban a hazai nagyvállalatoknak is nagyobb…
Read More
Index Of News
Total
0
Share