Sellers receive low marks for customer support and binding to benchmarks.
Microsoft wants to kill the password using FIDO2 security for better authentication
Andrew Conway, general manager for Microsoft 365 Security, discusses how theft of login data can be prevented by relying on biometric security.
IT managers want to trade in point solutions for a comprehensive cyber security strategy and expect suppliers to help, according to a new report from Valimail.
This survey of nearly 300 IT and security professionals showed that customers hope that security products do more than just defend against business email compromises and phishing attacks. Customers also need security software to support compliance efforts; 45% said this was very important. In addition, customers need data from threat monitoring software available for other applications, with 46% considering this option to be very important.
In the report, Errol Weiss, chief security officer at Health-ISAC, said security teams are currently stuck with point solutions.
“Collectively, the industry has done a poor job of coming up with integrated solutions that work well,” he said.
Customers want an API first approach, which according to the report makes it easy to integrate multiple cyber security products. Seventy-one percent described APIs or SIEM integration as very or critically important.
In addition to improved interoperability, security software customers want suppliers to take the lead in building and maintaining the overall security ecosystem. 51% think this is very important and 18% consider it critical.
SEE: Phishing attacks: a guide for IT professionals (free PDF)
Respondents were divided as to whether cyber security vendors present facts that can be easily verified: 44% said yes and 46% said no. Sellers did better to explain their technology. Just over half of the respondents said that suppliers provide clear information with some verifiability. Thirty-eight percent said suppliers use vague and hard-to-verify descriptions.
Define performance benchmarks
Sellers received a figure on a contractual guarantee that they would reach performance benchmarks:
- Never 3%
- 10% or less of the time 8%
- 11 – 25% of the time 9%
- 26 – 50% of the time 27%
- 51 – 75% of the time 34%
- 76 – 100% of the time 19%
In addition to using vague language during the sales process, suppliers make other communication errors after the sale. Fifty-two percent of respondents said they answered the phone when they needed help from suppliers, and 9% said they only hear from suppliers at the time of contract renewal.
Weiss said he needs threat information providers to meet his team at least twice a quarter.
IT security releases
Slightly more than 70% of respondents said that security spending is less than 30% of total IT spending, and 24% say the total is less than 10%. This is the spending range for security software:
- Less than $ 10,000 6%
- $ 10,000 – $ 49,000 17%
- $ 50,000 – $ 99,000 22%
- $ 100,000 – $ 249,000 28%
- More than $ 250,000 27%
The survey was based on 296 responses of a broad cross-section of corporate sizes and revenues and eight vertical sectors, including federal and national and local governments, technology services, finance, education, manufacturing, medical and healthcare, legal / real estate, and retail and wholesale. Among the respondents, 40% have data and cyber security titles from the director or higher.
Cyber Security Insider Newsletter
Strengthen the IT security of your organization by staying up to date with the latest news, solutions and best practices for cyber security.
Delivered on Tuesday and Thursday
Customers want more strategic support from security software vendors and improved integration between security tools.