The Lean IT Security Hero Survey

Welcome! Thank you for participating in our survey. Your input is highly valued.

Concluding 2021 and looking forward to 2022, this survey seeks to understand if and how lean IT security teams manage their security and priorities. At the end of the survey, you'll be able to receive the survey results and get a MalwareBuster t-shirt.

The Cynet Team

1. Can you share any insights or tips for lean IT security teams that we can publish on our community board under your name?

2. Which of the following best describes your industry?
- Automotive
- Education
- Finance & Financial Services
- Healthcare & Pharmaceuticals
- IT reselling/consulting/managed services/distribution
- Manufacturing
- Retail
- Telecommunications agency/master-agency/consulting
- Other (please specify)

3. Where is your company headquartered?
- North America
- Europe
- Other

4. Which of the following best describes your job role?
- IT Administrator
- Security Architect
- Software Developer
- Information Security Manager / Director
- CISO
- CTO
- DevOps
- Consultant
- Other

5. Approximately how many people does your company employ?
- Less than 100
- 100 to 249
- 250 to 499
- 500 to 999
- 1,000 to 1,999
- 2,000 to 4,999
- 5,000+

6. How many people are on your security team (including yourself)?
- It's just me
- 2 to 5 people
- 6 to 9 people
- More than 10

7. The security tools technology we currently have in use includes the following:
For each tool, select one: Already Using / Plan to purchase (next 12 months) / Plan to purchase (in the future) / Want to but it's too expensive / Want to but don't have the team to operate / No plans to purchase / Don't know
- NGAV
- EDR/EPP
- XDR
- NTA/NDR
- UEBA
- Deception
- SNOW
- SIEM
- SOAR
- SEG
- CASB

8. My organization's primary tool for threat detection is:
- EDR (Endpoint Detection & Response)
- XDR (Extended Detection & Response)
- NTA/NDR (Network Traffic Analysis/Network Detection & Response)
- Combination of EDR & NTA
- Other
- I don't know

9. If you use an EDR/XDR solution, are you considering replacing it in the next 12 months?
- Yes
- No
- Not relevant

10. If you plan to consolidate your security platforms, what kind of consolidation platforms do you plan to use?
- XDR
- SIEM
- SOAR
- Other
- We don't plan to consolidate
- Other (please specify)

11. Are parts of your security operations outsourced to external security services?
- MDR service provided by my endpoint security provider
- MDR service provided by an independent services company
- MSSP service
- vCISO
- Other (please specify)
- We don't outsource our security services

12. If you are using an MDR, what were the top three criteria for choosing your outsourced partner?
For each criterion, select a rank: 1 / 2 / 3
- 24x7 Critical Alerting and Monitoring
- Incident Reports
- Threat Response Remediation
- Root Cause/Impact Analysis
- Threat Response Recommendations
- Access to MDR analysts
- Other (specify)

13. What is the biggest barrier for your company when trying to maintain a good security posture? (Select all that apply)
- Lack of integration between security products
- Effective user awareness training
- Lack of skilled security personnel
- Excessive manual data analysis
- Remote work force and many locations
- Lack of budget
- Multiple cloud providers
- Managing policies across multiple point solutions
- Lack of support from C-level
- Other (please specify)

14. What are the biggest pains related to operating your threat protection products? (rank 1 - 5, where 1 is top pain)
For each statement, select a rank: 1 / 2 / 3 / 4 / 5
- Missing Features/Capabilities
- Missing reporting capabilities
- Lack of forensic information
- Creating single security platform from multiple tools
- Deployment and maintenance of disparate technologies on one machine
- Computing lag on deployed devices
- Overlapping capabilities of disparate technologies
- Product/Solution Complexity
- Too many alerts

15. How much do you agree with the following statement: "Compared to companies with more staff...:" (1-strongly agree, 2-somewhat agree, 3-neither agree nor disagree, 4-somewhat disagree, 5-strongly disagree)
For each statement, select: 1 / 2 / 3 / 4 / 5
- Our risk of attack is greater
- Our threat detection and response times are longer
- We had more security incidents
- Our security team's ability to protect our company is lower
- We have fewer security tools

16. How much do you agree with the following statement: "When selecting security tools, my organization…" (1-strongly agree, 2-somewhat agree, 3-neither agree nor disagree, 4-somewhat disagree, 5-strongly disagree)
For each statement, select: 1 / 2 / 3 / 4 / 5
- We prefer to consolidate security into a small number of platforms
- We look to external security services to extend our capabilities
- Ease of implementation is a top consideration for tool selection
- Being able to manage the tools ourselves is important
- Integrated solutions provide equal or better security for our small team

17. Our 2022 plans to improve our security position include the following: (1-very necessary, 2-somewhat necessary, 3-neutral, 4-somewhat unnecessary, 5-completely unnecessary)
For each item, select: 1 / 2 / 3 / 4 / 5
- Invest more in automation solutions and processes
- Consolidate security tools
- Invest in simplifying security operations for our team
Services
- Introduce or extend outsourced service (MDR/MSSP) to supplement team
- Introduce or extend outsourced service (MDR/MSSP) to fill security gaps
Personnel
- Increase investment in security training and certifications
- Add one security person
- Add 2 or more security people

18. Thank you for your participation! Fill in your details to receive the survey results and a MalwareBuster t-shirt (only available to respondents from the United States, Canada, Israel, and Europe).
- Name
- Company
- Address
- Address 2
- City/Town
- State/Province
- ZIP/Postal Code
- Country
- Email Address
- Phone Number

19. Last, we need your size to send your T-shirt!
Size:
- Small
- Medium
- Large
- X-Large
Male or female:
- Male
- Female