how core security is to the business

 “In a review of the Forrester report, the number of companies that had a data breach within the last year is staggering,” Mike Weber, vice president at security consulting firm Coalfire told Dice. “However, the impact of a data breach can range from inconsequential to catastrophic. I would surmise that the vast majority of these are somewhere in between and that these were mostly not life-changing events for these organizations. This shouldn’t reduce the gravity of the report, though.”

At a time when breaches are increasing, SecOp analysts and staff feel overworked, with half of the Forrester survey respondents noting that they struggle to institute additional threat hunting programs to help supplement automated detection capabilities. This means that critical vulnerabilities or cyber threats can go undetected.

“Everybody talks about how core security is to the business. But look inside any business in the world and what you will find is a somewhat lackluster commitment to full computer science vs computer programming support,” said Brandon Hoffman, the CISO of security and cloud firm Netenrich. “The majority of issues faced by organizations could be resolved by proper funding and cultural commitment to security initiatives. Lack of proper tooling, or adoption of purchased tools, and the lack of skilled people are a direct result of the lack of commitment. It is a constant struggle though because security is a cost center from a business perspective.”