Confidence isn’t new when it comes to cybersecurity. All the way back in 2015, for example, 86% of security professionals working in the energy sector told Tripwire that they were confident they could detect a breach in a week. Just less than half (49%) said it wouldn’t take them longer than a day to spot an attack.

It was the same story a year later when Tripwire surveyed infosec professionals in the retail sector. Most (95%) respondents said their organization could detect a breach within a month. That was the case even with 48% of survey participants admitting their breach detection products were just partially integrated.

Those statements weren’t consistent with the reality of the times, however. As an example, Mandiant’s M-Trends 2015 report stated that the average period for spotting an advanced persistent threat was 205 days. The 2015 Data Breach Investigations Report gave a similar estimate when it said that two-thirds of targeted attacks took months to detect.

These findings raise the question: Is this overconfidence still shaping security professionals’ expectations? What’s the situation look like in other sectors?

New Decade, Same Confidence

Make UK answered that question in sharing the results of its Cyber Security Survey 2021. Indeed, nearly nine in 10 (87%) of respondents in manufacturing told the UK manufacturers organization that they had the necessary tools, processes and technology to prevent or protect against a security incident. When asked to clarify what tools they were using, 97% manufacturers said they were using antivirus software and firewalls to secure their web connections. Just less than (90%) noted that they were using network-wide and system updates.

Chart 2: Manufacturers are using a range of tools and technologies to prevent or protect against a cyber security incident
Chart 2: Manufacturers are using a range of tools and technologies to prevent or protect against a cyber security incident

Approximately the same percentage (91%) went on to state that they (Read more...)