IT & DATA MANAGEMENT RESEARCH,
INDUSTRY ANALYSIS & CONSULTING
David Monahan
Managing Research Director
Enterprise Management Associates
EMA Megatrends in
Cyber-Security
© 2019 Enterprise Management Associates
Watch the On-Demand Webinar
• EMA Megatrends in Cyber-Security On-Demand webinar is available here: https://ema.wistia.com/medias/flzv8oangz
• Check out upcoming webinars from EMA here: http://www.enterprisemanagement.com/freeResearch
Today’s Speaker
David Monahan, Managing Research Director, Security and
Risk Management, EMA
David is a senior information security executive with several years
of experience. He has organized and managed both physical and
information security programs, including security and network
operations (SOCs and NOCs) for organizations ranging from
Fortune 100 companies to local government and small public and
private companies. He has diverse audit, compliance, risk, and
privacy experience, such as providing strategic and tactical
leadership to develop, architect, and deploy assurance controls,
delivering process and policy documentation and training, and
working on educational and technical solutions.
Demographics
• 250 respondents
• Focused on North America
• 46% Director and above
• Org Sizes:
  • 19% SMB, 48% Midsized, 33% Enterprise/18% VLE
• Top 5 industries:
  • High-Tech, MSSP, Finance/Banking/Insurance, Manufacturing, Infrastructure/Utilities/Shipping
• 58% of revenues fall between $20M and $1B USD
  • 13% below and 27% above
• 50% of IT budgets fall between $5M and $50M USD
  • 17% below and 32% above
• Average IT budget increase, between 10% and 25%
  • No decreases identified
Ratio of company dollars spent on managed security services compared to total spend on security
• Greater than 90%: 2%
• Greater than 75% but not more than 90%: 10%
• Greater than 50% but not more than 75%: 16%
• Greater than 25% but not more than 50%: 22%
• Up to 25%: 37%
• We have none, but we are investigating: 11%
• We have none, and are not interested in investigating: 2%
• Average MSSP budget consumption: 33%
Security Initiatives
Top five expanding security initiatives driving current priorities in the overall security program
• Improving security monitoring of cloud environments: 65%
• Improving endpoint protection capabilities: 62%
• Improving security analytics capabilities: 60%
• Improving security visibility and context within the environment: 60%
• ITOps and DevOps integrations: 59%
Cloud in Security
Security’s role in public cloud initiatives
• Leading role in all: 58%
• Contributing role in all: 32%
• Leading role in some: 4%
• Contributing role in some: 6%
Organizations currently using cloud to support SecOps and/or ITOps workloads or functions
• Yes: 98%
• No: 2%
Many cloud consumers [errantly] believe the cloud providers are responsible for security
• All or majority provider-owned: 53%
• Shared equally: 21%
• All or majority customer-owned: 15%
Top three security challenges in public cloud
1. Security visibility within the cloud infrastructure due to provider limitations
2. Inability to meet compliance needs
3. Security visibility within the cloud infrastructure due to architectural limitations
MSSP Adoption and Success
Top three drivers for engaging an MSSP
• MSSP does it better regardless of in-house skills or cost: 55%
• MSSP provides lower TCO than in-house: 50%
• MSSP delivers better ROI/Value: 38%
Top three reasons why customers engage MSSP services over using internal SecOps
• Reduce CapEx or OpEx: 22%
• Focus on increased innovation within IT: 21%
• Reduced downtime: 16%
MSSP success levels vs. internal teams
• Successful: MSSP 51%, Internal 42%
• Somewhat successful: MSSP 44%, Internal 52%
• Neither successful nor unsuccessful: MSSP 4%, Internal 5%
• Somewhat unsuccessful: MSSP 0%, Internal 0%
• Unsuccessful: MSSP 0%, Internal 0%
Internal SecOps
Alert Fatigue
227
224
Average # of total alerts
Average # of critical alerts
Inter-team handoff frustrations (cont’d)
• Inability to share data: 68%
• Inability to collect source data: 60%
• Inadequate storage to maintain data: 42%
• Internal politics: 32%
• Conflicts over data ownership: 32%
• Poor processes: 27%
76% of teams suffer from handoff frustrations
Too many security consoles
• Actively trying to consolidate tools wherever possible: 65%
• Consolidating tools where possible when renewals come due: 34%
• Not actively trying to consolidate: 1%
• Don't know: 1%
10%
22%
Average # of security interfaces in
enterprises
(5K and greater employees)
Largest numbers of interfaces
(Commonly reported)
Monitoring features providing the most value to SecOps
• Automated event correlation and enrichment of security alerts: 50%
• Enhanced alert/alarm management: 44%
• Automated notifications/escalations: 42%
• Automated change management: 37%
• Automated trouble ticket generation and data gathering for analysis: 32%
Analytics
Top three use cases for security analytics
• Security process automation: 55%
• Predictive security analytics: 46%
• Security simulation: 41%
Top three operational impediments for security analytics
• Security data for analysis is straining storage capacity: 47%
• Internal skills or knowledge gaps: 41%
• Process and political issues in sharing data effectively among relevant stakeholders: 36%
IoT Initiatives and Threats
Organizations working on IoT initiatives
• Yes: 66%
• No, and none planned: 18%
• No, but we are in the planning phase: 16%
Perceived threat levels imposed by managed and unmanaged IoT devices in the environment
• High: Managed 75%, Unmanaged 61%
• Moderate: Managed 10%, Unmanaged 24%
• Low: Managed 12%, Unmanaged 10%
• None: Managed 2%, Unmanaged 5%
Attacks by IoT devices
• My organization was attacked using an external IoT device: 27%
• My organization was attacked using an internal IoT device: 22%
• An internal IoT device was detected as part of an external attack: 20%
• An internal IoT device was detected as part of an internal attack: 6%
• None of the above: 25%
Endpoint Security
Infection rates by malware class
• ATA: 38%
• APT: 37%
• Ransomware: 31%
• Other destructive malware: 15%
• None that I am aware of: 27%
Endpoint incidents that bypassed endpoint security, causing severe damage
• ATA: 77%
• APT: 65%
• Ransomware: 39%
• Other destructive malware: 19%
Endpoint attacks bypassing current endpoint solutions that required six or more hours to resolve
• ATA: 48%
• APT: 52%
• Ransomware: 26%
• Other destructive malware: 16%
Other Trends
Frequency of sensitive data leakage from sharing and collaboration
• Very often: 27%
• Often: 19%
• Sometimes: 24%
• Rarely: 21%
• I am not aware of any data leakage: 8%
DDoS attacks on organizations
• Yes, we experienced an attack in the past 6 months: 29%
• Yes, we experienced an attack in the past 12 months: 24%
• Yes, but not in the last 12 months: 25%
• No, we have never experienced a DDoS: 22%
Risk of damage from a DDoS now compared to one year ago
• Increasing: 62%
• Neither increasing nor decreasing: 22%
• Significantly decreasing: 16%
Perspectives on AI, ML, and Deep Learning
• AI has become a buzzword. I do not believe AI is commercially available: 36%
• I believe AI is distinguishable from ML and DL and is offered in some solutions: 49%
• I believe AI is distinguishable from ML and DL and is offered in numerous solutions: 11%
• I have no real idea or means of making that distinction: 4%
Questions
Get the report:
http://bit.ly/2H7LSQX
