Wednesday, July 13, 2022

Small Security Teams Face Greater Risks, Turn to XDR, Cynet Finds

Organizations with small security teams continue to face staffing, skills, and resource challenges that place them at greater risk than large enterprises and drive them to consolidate their platforms with advanced technologies such as extended detection and response (XDR), a recent Cynet survey found.

XDR provider Cynet surveyed 200 CISOs of small and medium enterprises with five or fewer security staff members and $1 million or less in security budgets. It found that more than half (58%) of the respondents considered their cyberattack risks higher than those of large enterprises, which often are seen as a bigger target.

A large majority (94%) of those surveyed stated they have difficulty maintaining their security posture, citing factors such as a lack of skilled security personnel (40%), excessive manual analysis (37%), and the increasingly remote workforce (37%). These challenges resulted in them paying less attention to security alerts this year, which Cynet warns is a dangerous trend since any alert could be part of a larger threat. Additionally, nearly 90% of those surveyed faced barriers in operating and managing their threat protection products due to overlapping capabilities (44%) and difficulty visualizing the full scope of an attack (42%).

“CISOs with small security teams struggle to purchase and maintain the comprehensive set of security solutions needed to protect their companies from increasingly sophisticated threats,” Cynet co-founder and CEO Eyal Gruner said in a statement.

Nearly all CISOs surveyed (96%) plan to consolidate their security platforms down to more robust and comprehensive tools in order to gain more control and visibility, Cynet found.
This finding is in line with the need for a more unified security platform that larger security vendors such as Cisco and Palo Alto Networks have seen. Survey respondents stated they wanted to reduce the number of alerts, reduce their chance of missing threats, lower the need for specific expertise, and make it easier to correlate findings and visualize the risk landscape.

The report also showed that 63% of respondents named XDR as their top method of consolidation. XDR tool usage among the surveyed teams jumped from 15% last year to 30% in 2022.

XDR commonly combines elements of security information and event management (SIEM); security orchestration, automation and response (SOAR); endpoint detection and response (EDR); and network traffic analysis (NTA) in a software-as-a-service (SaaS) platform to centralize security data and incident response.

Remote work is driving the use of EDR tools, as 77% of the respondents saw EDR as the No. 1 tool for threat detection, which increased significantly from 23% in 2021. “It’s clear that small security teams are seeing the value in robust EDR/XDR solutions, especially in remote working landscapes where employees are often not on the company network,” Cynet noted.
