Splunk is the world’s first Data-to-Everything™ Platform designed to remove the barriers between data and action, so that everyone thrives in the Data Age. They help IT, DevOps and security teams to transform their organizations with data from any source and on any timescale.
Splunk has released its inaugural State of Security Report, and its insights are promising. The report is based on a survey of 535 security leaders from across the globe and offers some interesting findings that may change how we think about our data protection strategies going forward.
Splunk report in Numbers
84% of organizations have suffered at least one significant incident in the past two years; email compromise is leading the way (42%), followed by phishing scams (33%). 78% are concerned about more SolarWinds-style attacks in the future – but only 23% have reassessed their current strategy for dealing with them!
88% of respondents are deploying or planning to deploy ML for security. 41% said that cloud security would be their priority and 12% said they will focus on identity management; email protection was not mentioned.
What can we learn from the Splunk Report
Splunk shared some solid recommendations that we encourage you to review. These include:
- Modernize the Security Operations Center, including zero trust and security operations automation processes, modern SIEM systems and most importantly staff training and awareness.
- Set your sights on a consolidated view of data that creates a single source of true and trusted information for IT and security teams.
- Rethink your approach to supply chain threats and improve your ability to see suspicious lateral movement within your networks. Implement a well-defined and closely monitored identity policy with strong enforcement and monitoring.
- Press your collaborative advantage and advocate for the importance of integrated security thinking, at every stage of IT and the business.
Some additional suggestions from EasyDMARC are below:
Have a comprehensive email security strategy that includes:
- Inbound protection
- Outbound protection
- Security Awareness Training
- Best Practices (ever-evolving)
When you outsource parts of your supply chain, one of the most important things to do is to make sure that your vendors are DMARC compliant. As part of your vetting process, we recommend requiring them at minimum to have p=none in place. Over time, our recommendation would be for your vendors to deploy a more stringent policy. We are happy to provide a report with your supply chain’s DMARC posture for you to review and encourage the right best practices to protect your organization and others.
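The vendor check described above can be scripted. The following is an added example, not EasyDMARC's or Splunk's code: it parses the TXT records published at `_dmarc.<domain>` and reports whether each vendor meets the p=none minimum and whether it has moved to a stricter policy (p=quarantine or p=reject). The vendor domains and records are constructed sample data, and the function names are hypothetical.

```python
import re

RANK = {"none": 1, "quarantine": 2, "reject": 3}

def parse_dmarc(txt_records):
    """Return the tags of the one valid DMARC record, or None if zero or several."""
    valid = []
    for rec in txt_records:
        parts = [p.strip() for p in rec.split(";") if p.strip()]
        tags = {}
        for p in parts:
            key, sep, val = p.partition("=")
            if sep:
                tags[key.strip().lower()] = val.strip()
        # RFC 7489: a DMARC record must begin with the tag v=DMARC1
        if parts and re.fullmatch(r"v\s*=\s*DMARC1", parts[0]):
            valid.append(tags)
    # RFC 7489: with no record or several records, DMARC is not applied
    return valid[0] if len(valid) == 1 else None

def posture(txt_records, minimum="none"):
    """Classify one vendor domain against the minimum policy required in vetting."""
    tags = parse_dmarc(txt_records)
    if tags is None:
        return {"policy": None, "meets_minimum": False, "enforcing": False}
    policy = tags.get("p", "").lower()
    pct = int(tags["pct"]) if tags.get("pct", "").isdigit() else 100
    rank = RANK.get(policy, 0)  # missing or unknown p fails the bar (simplification)
    return {
        "policy": policy if rank else None,
        "meets_minimum": rank >= RANK[minimum],
        # only quarantine/reject applied to all mail counts as enforcement here
        "enforcing": rank >= 2 and pct == 100,
    }

# Constructed TXT answers for _dmarc.<vendor domain>; the domains are placeholders.
VENDORS = {
    "vendor-a.example": ["v=DMARC1; p=none; rua=mailto:dmarc@vendor-a.example"],
    "vendor-b.example": ["v=DMARC1; p=reject; pct=100"],
    "vendor-c.example": ["v=spf1 -all"],  # not a DMARC record
    "vendor-d.example": ["v=DMARC1; p=quarantine; pct=25"],  # partial rollout
    "vendor-e.example": ["v=DMARC1; p=none", "v=DMARC1; p=reject"],  # duplicate
}

def report(vendors=VENDORS):
    return {domain: posture(txt) for domain, txt in vendors.items()}

if __name__ == "__main__":
    for domain, result in report().items():
        print(domain, result)
```

In a real vetting run the record lists would come from a DNS TXT lookup of `_dmarc.` plus each vendor's sending domain.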
Conclusion
The latest Splunk State of Security report is a trove of information for anyone in charge of protecting their organization’s data. With so much to glean, it can be challenging to know where to start. Fortunately, the folks at EasyDMARC have taken some time to highlight a few key takeaways from this year’s report and provide recommendations on how best to deal with each one. If any of this sounds overwhelming and you want help implementing email security practices that protect your business from cybercriminals, reach out today! Our experts are ready to guide and support you 24/7.