No one knows the challenges of securing an organization like the professionals who carry that responsibility daily. We set out to better understand the things they deal with and what they plan to focus on in our inaugural 2024 Fortra State of Cybersecurity Survey. Here are five key takeaways from the survey.
81% Call Phishing and Smishing Top Security Risk for 2024
Both phishing and smishing (SMS phishing or text message phishing) are common tactics and, unsurprisingly, remain at the top of the list. Human nature hasn’t changed, so these tried-and-true methods continue to work. Phishing targets a high-traffic area of business – our inboxes – and is getting increasingly crafty with the help of AI. We don’t need to repeat how pernicious or convincing today’s deepfake capabilities are, with the capacity to convincingly reproduce human voices, faces, and even email communication styles in nearly every language, and with perfect accuracy. With its ability to produce disinformation, AI continues to cause unease as leaders in security, government, and other industries brace for the year ahead.
Smishing also plays off a falsely based trust and is hitting companies where they least expect it: their non-security-savvy employees, where they can hit them off hours and leverage mobile entry points to gain access to corporate resources. Work-from-home habits play into the heightened danger of smishing attacks, with mandatory MFA and security awareness training programs persisting as two vital ways to fight back. Employees should be wary of unsolicited messages and only respond to a company’s link, text, or phone number they’ve verified independently. While they may not be a prime target, the company they are connected to most likely is.
The SFT Threat Protection bundle from Fortra allows organizations to collaborate safely without malware entering the organization, or employees losing or mishandling data.
Hybrid Cloud Is the Answer for Digital Transformation
64 percent of respondents rely on hybrid cloud hybrid and a lingering on-premises footprint. This is an important trend to note, as many cloud-native solutions fail to properly support on-premises security. Certain industries don’t have the luxury of moving all assets to the cloud, either as soon as they wish or at all, due to industry regulations and integral physical underpinnings. Take critical infrastructure, for example. Legacy architecture like the U.S. electric grid or point-to-multipoint SCADA (Supervisory Control and Data Acquisition) systems were not designed with today’s security hazards in mind, and so are vulnerable when exposed to the public internet, and especially the cloud.
Although the cloud is an undeniable component of digital transformation, nearly 2/3 of respondents say they plan to keep an on-premises footprint. This means hybrid solutions will be in high demand during 2024.
Comprehensive secure file transfer solutions, such as GoAnywhere MFT, deliver the security and control needed to move data safely between systems, locations, users, and trading partners on-premises, as well as in the cloud. Popular file transfer and encryption protocols are supported in GoAnywhere including SFTP, FTPS, FTP, SCP, AS2, HTTPS, Open PGP, and ZIP with AES encryption. FIPS 140-2 validated encryption ciphers are provided to protect confidential information.
Consolidating Vendors Is High Priority of Two-Thirds of Respondents
How many is too many? While that’s up to the business to decide, it seems that two-thirds of global respondents have hit their limit when it comes to taking on new vendors. You know the saying: “Too many cooks spoil the soup.”
Our research revealed that two out of three security leaders are consolidating, or making plans to consolidate, security vendors. They believe that doing so will improve the strength of their security posture and reduce operational overhead. Reducing vendors also leads to cost savings in other areas (like security and infrastructure) and causes teams to better use the tools they have to solve existing issues in creative ways.
One rebuttal we’ve heard against vendor consolidation is, “We’re looking for best-of-breed in every area, so we like to shop around.” We feel the same way, which is why at Fortra, we’ve “shopped around” ourselves and done some significant integrating, acquiring, and merging recently (if you haven’t noticed). Their goal is our goal: a suite of best-of-breed solutions integrated under one umbrella. It’s all the specialty and expertise of a niche solution with the reduced overhead, red tape, and SLAs of a single-vendor solution.
GoAnywhere MFT is a key component of several bundled cybersecurity solutions from Fortra, including SFT Threat Protection, which integrates managed file transfer with advanced threat protection and adaptive data loss prevention to keep your sensitive data secure and Zero Trust File Transfer, which enables automatic file sharing and scans files for malware or viruses, and encrypts them for total control over files wherever they ultimately travel.
Longer Procurement Cycles Ahead
We also noticed a trend towards longer procurement cycles. Market conditions are leading to flat budgets, which leads to more scrutiny when evaluating potential tools. This brings more people into the decision-making process than ever before, including non-security stakeholders such as business unit leaders, and each aspect now needs to be explained and understood from a variety of perspectives and backgrounds. This inevitably leads to longer cycle times.
Third Parties to Take Over Security Operational Burden
Another interesting change that we noted was that over half of respondents are clearly looking to utilize a third party to help manage the operational burden. When asked which areas required additional support, 58% cited email security and anti-phishing, 52% cited vulnerability management, and 51% cited data protection.
These are all high-traffic areas for data, and it comes as no surprise that companies with lean IT teams (or even robust ones) are having a hard time keeping up. AI is powering so much of the traffic we see today in phishing, in poking around for vulnerabilities and doing reconnaissance work, and in the proliferation of malware and launching attacks. Teams need AI-backed solutions, but also often an extra set of hands and eyes to properly tackle the problem. We think this trend will continue well into the new year and potentially beyond.
View the Full Survey Results
Our 2024 State of Cybersecurity Survey drew insights from hundreds of cybersecurity professionals from over a dozen countries and every continent except Antarctica. These security leaders hailed from companies with less than 100 employees to those with over a thousand and included analysts, engineers, directors, C-suite executives, and more.
We think this view from the trenches is a telling indication of what the industry can expect in the coming year and encourage you to increase your scope of this year’s insights by viewing the expert analysis of the full results.
Learn How MFT Helps Address Security Concerns
GoAnywhere MFT can be an integral part of your organization’s efforts to protect your most valuable asset – your data. We'll discuss these survey results in more detail in an upcoming blog, focused on how Fortra's Data Security solutions can solve the highest priority problems customers shared in this survey for 2024. Be sure to subscribe to our blogs so you don’t miss one.
In the meantime, schedule a demo with one of our experts to see how MFT can secure and streamline your data exchanges.
