IBM：2019年網絡安全復雜性報告（英文版）(16頁).pdf

1、A Forrester Consulting Thought Leadership Paper Commissioned By IBM May 2019 Complexity In Cybersecurity Report 2019 How Reducing Complexity Leads To Better Security Outcomes Table Of Contents Executive Summary Reactive Tactics Have Spun A Tangled Web Of Security Solutions Complexity Threatens Cyber

2、security Effectiveness Simplified Cybersecurity Portfolios Are The Way Forward Key Recommendations Appendix 1 2 4 7 12 13 ABOUT FORRESTER CONSULTING Forrester Consulting provides independent and objective research-based consulting to help leaders succeed in their organizations. Ranging in scope from

3、 a short strategy session to custom projects, Forresters Consulting services connect you directly with research analysts who apply expert insight to your specific business challenges. For more information, visit 2019, Forrester Research, Inc. All rights reserved. Unauthorized reproduction is strictl

4、y prohibited. Information is based on best available resources. Opinions reflect judgment at the time and are subject to change. Forrester, Technographics, Forrester Wave, RoleView, TechRadar, and Total Economic Impact are trademarks of Forrester Research, Inc. All other trademarks are the property

5、of their respective companies. For additional information, go to . E-42068 Project Director: Josh Blackborow and Sophia Christakis, Market Impact Consultants Contributing Research: Forresters Security increase productivity of security staff; extract insight from data; and drive efficiencies. Moreove

6、r, just 50% or fewer respondents report they are using all or most of the available functionality in any of the 11 security technology categories in our study. Notably, fewer than 25% say their technologies are fully optimized in internet-of-things (IoT) security; identity and access management; sec

7、urity automation and orchestration; and security information and event management (SIEM). Respondents predict that by 2020, the percent of security assets and processes their organizations have in the cloud will increase by more than 200% over 2016 levels. 3 | Complexity In Cybersecurity Report 2019

8、 “How has the amount of data your organization is storing in each of the following locations changed over the past two years?” (Showing average percent increase) Figure 2: Data Volumes Across Locations Have Soared In The Last Two Years Base: 200 global security professionals with responsibility for

9、security strategy and/or security technology purchases Source: A commissioned study conducted by Forrester Consulting on behalf of IBM, January 2019 86% Cloud databases 84% Cloud (SaaS) 79% Cloud (IaaS) 70% Cloud (PaaS) 68% Virtual servers 58% On-prem databases 55% Physical servers 55% Endpoints 91%

10、 of security professionals express concern over their organzations security complexity. Complexity Threatens Cybersecurity Effectiveness As todays security leaders struggle to manage the complexity of their security environments, they are learning the tough lesson that adding more point solutions do

11、esnt simplify anything. The lengthy deployment cycles, difficult integrations, and user training involved with managing an influx of solutions present risks that make technology investments fail. 4 Respondents recognize that this poses a very real threat: 91% express some level of concern over their

12、 organzations security complexity (see Figure 3). It ranks second highest among their top concerns, only slightly behind the changing and evovling nature of threats. While nearly every respondent indicated some concern over complexity in their environment, the results from those who responded with t

13、he highest levels of concern made it clear just how complex organizations have become (see Figure 4). Predictably, the greater the concern over complexity, the more products and data organizations had. The respondents who indicated a higher concern for complexity also, on average, have 45% more secu

14、rity products and 36% more vendors than respondents who were less concerned. In addition, they are managing more data across locations. As a result, theyre twice as likely as other organizations to describe integrating disparate security technologies and data sources as challenging and to struggle w

15、ith gaining visibility into security-related data and insights (see Figure 5). And any insight they do glean is difficult to build on: Over half of them cite collaborating with peers inside and outside of the organization on security insights as a barrier, making it more difficult for them to develo

16、p their threat intelligence capabilities and to uncover patterns of vulnerability. “How concerned are you with each of the following when it comes to protecting your organizations security posture?” (Showing responses for “Complexity of our security environment”) Figure 3: Concerns Over Complexity A

17、re Top Of Mind For Security Professionals Base: 200 global security professionals with responsibility for security strategy and/or security technology purchases Note: Percentages do not total 100 because of rounding. Source: A commissioned study conducted by Forrester Consulting on behalf of IBM, Ja

18、nuary 2019 Security complexity ranks among respondents top concerns and rivals the level of concern they express over the changing nature of IT threats and regulatory compliance. 9% Not at all concerned 12% Slightly concerned 24% Somewhat concerned 38% Concerned 18% Extremely concerned 91% of securi

19、ty professionals are concerned with the complexity of their security environments 4 | Complexity In Cybersecurity Report 2019 5 | Complexity In Cybersecurity Report 2019 “How concerned are you with security complexity when it comes to protecting your organizations security posture?” Figure 4: Defini

20、ng Complexity Concern “How challenging is each of the following for your security team?” (Showing “Challenging” or “Extremely challenging”) Figure 5: Higher Complexity Leads To Greater Challenges Higher security complexity concern (N = 112) Higher security complexity concernLower complexity concern

21、Lower security complexity concern (N = 88) Base: 200 global security professionals with responsibility for security strategy and/or security technology purchases Source: A commissioned study conducted by Forrester Consulting on behalf of IBM, January 2019 “Extremely concerned” or “Concerned” “Somewh

22、at concerned,” “Slightly concerned,” or “Not at all concerned” 26% 59%Visibility into security-related data and insights from across the organization 28% 57%Integrating disparate data sources/stores that comprise your security portfolio 38% 56% Collaborating/sharing security insights externally 24%

23、54%Integrating technologies that comprise your security portfolio 26% 51% Collaborating/sharing security insights internally Those with higher concern (whom weve shown to have greater complexity) are also at a distinct disadvantage because: Complexity erodes ROI. Security complexity exacerbates an a

24、lready challenging issue: an inability to make the most of security resources. Those with greater complexity concern are more likely to say that the complexity of their security environment has led to high costs. They also are more likely to cite inefficiencies in the use of security technology and

25、security staff time and to find it difficult to train staff on new security products (see Figure 6). Complexity inhibits innovation. Market uncertainty stemming from government agencies, competitors, and customers requires companies to constantly change. Only those that are fast, connected, and inno

26、vative will be able to thrive in a shifting landscape. Unfortunately, those with security complexity struggle to evolve with the agility required: 50% report that their complexity has made it difficult to replace outdated security technology and 37% say that it has caused them to defer purchases in

27、fear of adding further complexity. Making matters worse, 29% feel locked in on specific vendors. While companies with highly complex security environments could benefit greatly from a more streamlined ecosystem, they face an uphill battle in their efforts to modernize relative to organizations with

28、less complexity. Organizations saddled with high complexity are more likely to cite cost struggles as well as technology and staff inefficiencies. Organizations believe a simplified environment would allow them to improve operational efficiency, security staff productivity, and security investment r

29、eturn. 6 SECURITY SIMPLIFICATION UNLOCKS INVESTMENT VALUE Despite the challenges that stand in their way, organizations with the greatest levels of complexity concern see simplification as a worthwhile effort. They associate several benefits with a more simplified environment from an improvement in

30、their ability to extract insight from data, to threat intelligence, to internal collaboration and user experience. Notably, 72% believe simplification would have a “moderate” or “significant” improvement in operational efficiency, security staff productivity (68%), and security investment return (58

31、%) addressing their highest priorities. “What challenges have you encountered due to the complexity of your security environment?” (Select all that apply) Figure 6: Security Complexity Erodes ROI, Limits Flexibility, And Stifl es Modernization Efforts Higher complexity concernLower complexity concer

32、n Base: 200 global security professionals with responsibility for security strategy and/or security technology purchases Source: A commissioned study conducted by Forrester Consulting on behalf of IBM, January 2019 35% 54% Ineffcient use of security technology/investments 48% 53% High costs 41% 50%

33、Diffculty replacing outdated security technology 35% 47% Ineffcient use of security staff time 34% 43% Diffculty training staff to use security products 27% 37% Deferring purchases in fear of adding additional complexity 19% 29% Overreliance/lock-in on specifc vendors Simplified Cybersecurity Portfo

34、lios Are The Way Forward Recognizing the challenges that come with security complexity and the benefits of simplification, the question becomes: What can organizations do to reduce security complexity? While all respondents report taking at least some steps to reduce complexity, fewer than half (44%

35、) describe their efforts as effective. For the purposes of this study, we refer to these organizations as “Champions,” and all others (i.e., those who cite their efforts as “somewhat,” “slightly,” or “not at all” effective) as “Challengers” (see Figure 7). Although Champions are more effective in th

36、eir simplification efforts, their simplification journeys are not complete. In fact, many of them still cite concerns with complexity. They have, however, started to make significant inroads in streamlining their security and have lessons to teach organizations that are still struggling. In particul

37、ar, Champions: Prioritize simplification. While it may seem obvious, one of the most distinct differences between Champions and Challengers is the level of priority theyre placing on simplification. Not only are Champions significantly more likely to make simplification a priority, theyre also more

38、likely to dedicate specific resources to the effort (see Figure 8). Seventy-five percent of Champions have dedicated resources relative to just 56% of Challengers. Additionally, 63% or more of Champions have employed each of the simplification tactics we tested. 7 “Champions” are those that have mad

39、e greater progress toward reducing security complexity. 8 “How effective have your efforts to reduce security complexity been thus far?” Figure 7: Defining “Champions” And “Challengers” “Which of the following are actions your organization has taken, or plans to take, to simplify your security envir

40、onment?” Figure 8: Champions Have Made More Progress On Simplification Initiatives Champions (N = 87) ChampionsChallengers Challengers (N = 113) Base: 200 global security professionals with responsibility for security strategy and/or security technology purchases Source: A commissioned study conduct

41、ed by Forrester Consulting on behalf of IBM, January 2019 “Very effective” or “effective” “Somewhat effective,” “slightly effective,” “not at all effective,” or “too early to tell” 56% 75% Dedicating specifc resources to reducing complexity 65% 75% Sharing data/intelligence across internal teams 50%

42、 66%Decreasing enterprise footprint; moving to a SaaS or hybrid environment 52% 66%Reducing repetitive spend (i.e., multiple expenses for similar needs) 36% 63% Reducing the number of point solutions and/or vendors 45% 63%Consolidating management software to a single platform or vendor 54% 63% Attem

43、pting to unify data silos 9 | Complexity In Cybersecurity Report 2019 Maximize existing investments. Chasing shiny new point solutions instead of optimizing technology that already exists can lead to multiple disconnected tools for similar needs. A more efficient approach is to look for opportunitie

44、s to reinvent and reinvest in a smaller set of existing tools, maximizing their utility. 5 Champions are doing just that: 63% have worked to reduce the number of point solutions or vendors in their security portfolios, relative to just 36% of Challengers. In addition, Champions are more likely to ha

45、ve reined in repetitive spending (66% versus 52%). Finally, Champions squeeze more value out of existing security tools they enjoy a much higher utilization rate across a range of security investments (see Figure 9). “To what extent is your organization fully utilizing your security technologies in

46、the following areas?” (Showing “Fully optimized we utilize all or most of the available functionality of these solutions”) Figure 9: Champions Extract More Value Out Of Existing Security Investments Base: 200 global security professionals with responsibility for security strategy and/or security tec

47、hnology purchases Source: A commissioned study conducted by Forrester Consulting on behalf of IBM, January 2019 43% 63% Network security 39% 52% Data security 25% 51% Cloud security (IaaS, PaaS, SaaS, hybrid) 36% 51% Web security 17% 43% Mobile security 19% 40% Application security 24% 36% Endpoint

48、security 17% 34% IoT security 19% 32% Identity and access management (IAM) 16% 31% Security automation and orchestration 12% 28% SIEM platforms ChampionsChallengers Champions are more likely to be consolidating their management software to a single platform or vendor. Consolidate management to a sin

49、gle platform. Champions are more likely to be consolidating management software to a single platform or vendor (63% vs. 45%). By managing their security assets in a consolidated platform, they can transform disparate solutions into a cohesive and connected security suite. Consolidated offerings give security teams more visibility and control into their environments; they also reduce the operational complexity and cost of managing individual point products and lay the foundation for automation and orchestration of security defenses. 6 ADDRESSING CO