5 Important Things We Learned From Surveys From Smaller Enterprise CISOs


New research shows that a lack of staff, skills and resources is driving smaller teams to outsource security.

As business returns to normal (however “normal” may seem), CISOs at small and medium-sized enterprises (500 – 10,000 employees) were asked to cybersecurity challenges and prioritiesand their responses were compared with those of a similar 2021 survey.

Here are the top 5 things we learned from 200 comments:

1 — Remote working has accelerated the use of EDR technologies

By 2021, 52% of surveyed CISOs trusted endpoint detection and response (EDR) tools. This year, that number has risen to 85%. In contrast, last year 45% used network discovery and response tools (NDR), while this year only 6% used NDR. Compared to 2021, double the number of CISOs and their organizations see the value of comprehensive detection and response (XDR) tools, which combine EDR with integrated network signals. This is likely due to the proliferation of remote working, which is more difficult to secure than when employees work within the corporate network environment.

2 — 90% of CISOs use an MDR solution

There is a huge skills gap in the cybersecurity industry and CISOs are under increasing pressure to recruit internally. Especially in small security teams where extra staff isn’t the answer, CISOs are turning to outsourced services to fill the void. In 2021, 47% of surveyed CISOs trusted a Managed Security Services Provider (MSSP), while 53% used a managed detection and response service (MDR). This year only 21% are using an MSSP and 90% are using MDR.

3 — Overlapping threat protection tools are the main pain point for small teams

The majority (87%) of companies with small security teams struggle to manage and use their threat protection products. Of these companies, 44% struggle with overlapping capabilities, while 42% struggle to visualize the full picture of an attack as it occurs. These challenges are intrinsically linked as teams find it difficult to get a single, comprehensive picture with multiple tools.

4 — Small Security Teams Ignore More Alerts

Small security teams pay less attention to their security alerts. Last year, 14% of CISOs said they only look at critical alerts, this year that number rose to 21%. In addition, organizations are increasingly letting automation take over. Last year, 16% said they ignore automatically remediated alerts, and this year, 34% of small security teams did.

5 — 96% of CISOs plan to consolidate security platforms

Nearly all CISOs surveyed have security tools consolidation on their to-do list, compared to 61% in 2021. Consolidation doesn’t just reduce the number of alerts – making it easier to prioritize and see all threats – respondents think it stops them from doing so missing threats (57%), reducing the need for specific expertise (56%) and making it easier to correlate findings and visualize the risk landscape (46%). XDR technologies have emerged as the preferred method of consolidation, with 63% of CISOs calling it their first choice.

Download 2022 CISO Survey of Small Cyber ​​Security Teams to see all the results.