Security vendors that hype up security threats to generate interest in their security platforms may end up doing long-lasting damage to their reputation, according to a new study that found the aggrandising could lead to disappointing technology investments.
Vendors frequently raise concern about the seriousness of threats to increase the perception that organisations face a higher risk if they don't buy new security protection, according to the Ponemon Institute survey of 4,881 IT and IT security practitioners in 15 countries. Fifty-eight percent said providers of security solutions hype the threats and risks companies face.
The hype may help free up budgeting dollars to invest in a new technology, but almost half (47 percent) of respondents said their company very frequently or frequently have purchased a security solution that was a disappointment.
Organisations are better off taking a systematic approach to evaluating vendor technologies, according to the study. Buying on fear causes organizations to conduct poorly executed risk assessments and miscalculate the need for additional personnel to manage new systems. Potential risks posed by emerging threats may be greatly reduced without buying new protection.
"Assess security solution capabilities and deployments against a comprehensive kill chain model to eliminate gaps and minimize excessive overlap," according to the study. "Expand beyond defenses overly dependent upon identifying an attack at only the “malware delivery stage".
Survey respondents feared advanced persistent threats and attacks designed to steal data the most, according to the survey. A website hack, a distributed denial of service attack designed to bring down critical business systems or an accidental data breach were also top concerns.
The two-part study, "Exposing the Cybersecurity Cracks: A Global Perspective", was commissioned by security vendor Websense. The Ponemon study found many long-standing hurdles getting in the way of security technology buying decisions. IT security professionals said they rarely speak to executive management, they fear disrupting users with lengthy downtime or are resigned to thinking they won't get funding for a new project until a serious security incident takes place.
What would get an organisation to rip out and replace a security vendor product? Downtime and difficult deployment or user interface triggered a change in security vendors the most, according to the survey. Budget changes also sometimes free up cash for new security platforms, and organisations are compelled to invest in system hardening and other security measures following a data breach, survey respondents said.
The study also found uncertainty about the effectiveness of security systems in place at their organisation. Forty-four percent of survey respondents said their company's security solutions do not provide adequate intelligence to inform them about an attempted cyberattack and the potential consequences. Similarly, the technology designed to detect a malware infection often fails to uncover the root cause of an attack, the survey found.
This article originally appeared at crn.com