Survey Respondents Identify Software Supply Chain and Cybersecurity Skills Shortages as Key Challenges; Cyber Defense Coordination and Threat Data Sharing Identified as Areas of Opportunity for More Government Leadership
New Trellix report finds 89 percent of respondents from India, Japan and Australia believe government-led initiatives can play a critical role in enhancing nations’ cyber defenses.
The lack of in-house cyber skills and implementation expertise are identified as critical barriers to deployment of advanced cyber defense technologies.
Sixty percent of Indian respondents identified lack of in-house implementation expertise as a barrier to implementation.
Eighty-two percent of global respondents believe software supply chain risk management is of either high or crucial importance for national security.
Only 40 percent of Australian, 35 percent of Indian, 26 percent of Japanese respondents claim to have fully implemented appropriate software supply chain risk management policies and processes.
Ninety-three percent of Indians, 90 percent of Australians and 85 percent of Japanese surveyed believe there is room for improvement in cybersecurity partnerships with their governments.
Nearly two-thirds (64 percent) of Indian respondents call for more software vulnerability data; 61 percent of Japanese and 56 percent of Australians surveyed call for more data on adversary attack vectors.
SAN JOSE, Calif., April 14, 2022–(BUSINESS WIRE)–Trellix, the cybersecurity company delivering the future of extended detection and response (XDR), today released a global Cyber Readiness Report gauging technology adoption and perceptions of government cybersecurity leadership related to cybersecurity standards and the cooperation between the public and private sectors.
The Trellix report shows 89 percent of respondents from India, Australia and Japan believe formalized, government-led initiatives can play an important role in improving their nations’ protection against cyber threats. Respondents from these countries see opportunities for improvement in their partnerships with government in areas such as cyber defense coordination, threat information sharing and software supply chain integrity.
The study, based on research conducted globally by Vanson Bourne, surveyed 900 cybersecurity professionals from organizations with 500 or more employees, including 200 respondents in India, Australia and Japan.
“Global tensions and cyber-warfare incidents in Ukraine sharpen our focus on the cyber readiness of government and critical infrastructure,” said Bryan Palma, CEO of Trellix. “Our report assesses the progress of new technology implementation, like XDR. It also identifies areas of opportunity for stronger public-private partnerships, where increased coordination will keep us ahead of our adversaries.”
Cybersecurity technology adoption. Among Japanese respondents, 32 percent claim to have fully implemented endpoint detection and response and extended detection and response (EDR-XDR) and cloud cybersecurity modernization. Zero trust and multifactor authentication (MFA) appeared to be close behind with 31 percent and 29 percent respectively.
Thirty-two percent of Indian respondents claim to have fully implemented cloud cybersecurity modernization. The cyber defense technologies lagging furthest behind within this group appear to be zero trust architectures and EDR-XDR with only 25 percent and 22 percent fully deployed respectively.
Thirty-one percent of Australian respondents reported fully deploying EDR-XDR solutions. Technologies lagging further behind include cloud cybersecurity modernization (24 percent), MFA (24 percent) and zero trust (16 percent).
Software Supply Chain Risk. The majority (82 percent) of global respondents believe software supply chain risk management policies and processes are of either high or crucial importance to national security.
Seventy-four percent of Japanese respondents identified these policies and processes as extremely or highly difficult to implement, and only 26 percent claim to have fully implemented such practices.
Sixty-five percent of Indian respondents and 63 percent of Australian respondents identified these policies and processes as difficult to implement, with only 40 percent of Australians and 35 percent of Indians claiming full implementation.
Sixty-four percent of Australians, 59 percent of Indians and 52 percent of Japanese surveyed support government mandates demanding cybersecurity standards for software. But respondents from all three countries are concerned there could be drawbacks to such mandates.
Fifty-one percent of Indian respondents believe such mandates could result in government requirements that are too complex and ultimately too expensive to implement. Around half of Australian respondents believe government software security mandates will be too complex and expensive to implement and that government timelines will be difficult to meet. Roughly the same percentages of Japanese are also concerned about the costs and complexity of such mandates.
Cyber Skills Challenges. While survey respondents identified a variety of barriers to the implementation of advanced technologies, a cybersecurity talent shortage was revealed across the three countries.
Sixty percent of Indian respondents and 45 percent of Japanese respondents identified a lack of implementation expertise as one of the biggest barriers to implementation. Forty-nine percent of Australian respondents and 42 percent of Japanese respondents identified a lack of in-house staff resources as one of their biggest barriers. These findings mirrored cybersecurity skills shortages in the U.S. and Europe.
Palma continued: “The cyber skills gap is well known; the report highlights the deficit is stifling the deployment of cybersecurity technology. Whatever innovation advantage the U.S. and its allies believe we have is irrelevant if we cannot implement the solutions.”
Public-Private Partnerships. Ninety-three percent of Indians, 90 percent of Australians and 85 percent of Japanese surveyed believe there is room for improvement in the level of cybersecurity partnerships between their national governments and organizations.
Fifty-nine percent of Indians surveyed believe their government could provide more funding to organizations such as theirs to improve cybersecurity, and 53 percent favor tighter cooperation on the investigation of attacks following their discovery.
Half of Australian respondents supported a combination of incident notification and liability protection to facilitate sharing of attack data between impacted organizations, government partners and industry audiences. Half of Japanese respondents showed support for tighter cooperation on the investigation of attacks following their discovery.
In terms of the types of data government should share to help organizations better protect themselves, nearly two-thirds (64 percent) of Indian respondents valued more data about common cybersecurity vulnerabilities. Sixty-one percent of Japanese and 56 percent of Australians surveyed said they would like to receive more data on attack vectors used by adversaries. Fifty-eight percent of Japanese, 52 percent of Indians and 44 percent of Australians surveyed would like to receive more data on cyber-attacks in progress.
Trellix is a global company redefining the future of cybersecurity. The company’s open and native extended detection and response (XDR) platform helps organizations confronted by today’s most advanced threats gain confidence in the protection and resilience of their operations. Trellix’s security experts, along with an extensive partner ecosystem, accelerate technology innovation through machine learning and automation to empower over 40,000 business and government customers. More at https://trellix.com.
View source version on businesswire.com: https://www.businesswire.com/news/home/20220413005347/en/