Tenable의 조사에 의하면 74%의 일본에 조직이 선제적 사이버 방어를 위한 더 많은 리소스를 추구

Tenable®, Inc., the Exposure Management company, published a new study revealing that 74% of Japanese respondents believe their organisations could better defend against cyberattacks with more resources dedicated to preventive cybersecurity. However, a concerning 68% indicated that their cybersecurity teams spend the majority of their time addressing critical incidents, hindering them from taking a proactive stance.

The study further revealed that over the past two years, Japanese organisations successfully thwarted 63% of cyberattacks. However, this meant they were left vulnerable to the remaining 37%, causing them to resort to reactive measures rather than preventing the attacks from the outset.

The data is drawn from, “Old Habits Die Hard: How People, Process and Technology Challenges Are Hurting Cybersecurity Teams in Japan,” a commissioned study of 825 IT and cybersecurity professionals including 50 Japanese respondents conducted in 2023 by Forrester Consulting on behalf of Tenable.

The study, which emphasises the significance of adopting a proactive cybersecurity approach, found that a core reason for the prevalent reactivity in Japanese organisations’ cybersecurity practices is the lack of alignment in goals between IT and security teams. Seven in 10 (72%) organisations say their IT teams are more concerned with uptime than patching/remediation. The disparity results in a lack of coordination between the two teams, a challenge acknowledged by 42% of Japanese organisations.

Japanese organisations were also struggling to identify the right threats to remediate, with only 22% of respondents reporting they were “extremely confident” that their organisation’s cybersecurity practices were successfully reducing their risk exposure. An even lower 10% were “extremely confident” that the vulnerabilities they prioritised for remediation over the past year posed the greatest threats to the organisation.

“Siloed cybersecurity tools, and by extension, the teams behind them, are inadvertently preventing organisations from having a clear, continuous, and comprehensive view of their cyber risk,” said Naoya Kishima, Country Manager at Tenable Japan. “Internal mindsets further complicate matters, and make collaboration between IT and security teams challenging.”

The use of numerous third-party technologies without established processes poses a significant vulnerability for Japanese organizations. A striking 72% of respondents utilise third-party programs for SaaS apps and services, but fewer than half (46%) possess high to very high visibility into third-party environments.

Naoya noted, “While there are no quick fixes to these challenges when we look at key differences between low-maturity and high-maturity organisations across the overall sample, some themes begin to emerge that can serve as a guide for organisations looking to reduce their risk.”

• Low-maturity organisations are more likely to be stuck in reactive mode. In the past 12-24 months, high-maturity organisations preventively defended against 61% of the attacks they experienced and reactively mitigated against the rest. In low-maturity organisations, 56% of attacks were preventively defended while 44% were reactively mitigated. 
• High-maturity organisations see the value in data aggregation: 57% use aggregation tools to collect and analyse data to quantify risk exposure, compared with only 46% of low-maturity organisations. 
• High-maturity organisations spend far less time each month producing reports for business leaders than their low-maturity counterparts: 57% of high-maturity organisations say it takes 11 hours or more to produce such reports, compared with 72% of low-maturity organisations. 
  
   

-ENDS-

To read the full study, visit here. 

Note to Editors:

• Forrester Consulting conducted an online survey of 825 IT and cybersecurity professionals including 50 Japanese respondents at large enterprises in the US, the UK, Germany, France, Australia, Mexico, India, Brazil, Japan, and Saudi Arabia. The study was fielded in March 2023.
  
   
• Maturity Modelling: Respondents were scored based on their answers to questions measuring different aspects of their maturity: their use of preventive security tools, how they prioritise resources to reduce threat exposure, and the degree of visibility and collaboration within their organisation. Forrester scored those in the bottom 20% as low maturity, the middle 60% as medium maturity, and the top 20% as high maturity.

About Tenable
Tenable® is the Exposure Management company. 전 세계 약 43,000개의 조직이 Tenable을 사용하여 사이버 위험을 이해하고 낮추고 있습니다.Nessus®의 개발사인 Tenable은 취약성에 대한 전문성을 확장하여 모든 컴퓨팅 플랫폼에서 디지털 자산을 확인하고 보호할 수 있는 세계 최초의 플랫폼을 제공했습니다.Fortune 500 기업의 약 60%, Global 2000 기업의 약 40% 및 대규모 정부 기관이 Tenable의 고객입니다.Learn more at tenable.com.

###

Media Contact:
[email protected]