Navigating the Roadblocks: Overcoming People, Process, and Technology Challenges for Preventive Security in Japan

Uncover the obstacles hindering preventive cybersecurity and ways to build cyber resilience for your Japanese organisation in a commissioned study conducted in 2023 by Forrester Consulting on behalf of Tenable.

As the threat landscape continues to evolve, Japanese organisations face increasing difficulty in gaining a comprehensive understanding of their attack surface. A multitude of obstacles related to people, process, and technology are impeding advancements, rendering it highly challenging for security teams to effectively implement preventive cybersecurity measures.

A new white paper, “Old Habits Die Hard: How People, Process and Technology Challenges Are Hurting Cybersecurity Teams in Japan”, reveals that, in the last two years, the average organisation was prepared to preventively defend 63% of the cyberattacks they encountered. However, having only this much coverage leaves them vulnerable to 37% of these attacks, which they were forced to reactively mitigate rather than stop altogether. 

Three-quarters (74%) of security and IT leaders believe their organisation would be more successful at defending against cyberattacks if it devoted more resources to preventive cybersecurity. The white paper is based on a commissioned survey of 825 cybersecurity and IT leaders, including 50 Japanese respondents, conducted in 2023 by Forrester Consulting on behalf of Tenable.

Challenges at a glance

People Challenges: Cybersecurity and IT teams are often siloed and their performance is evaluated using separate and contradictory criteria and goals. Internal attitudes make coordination between IT and security teams difficult and time-consuming. 

The study reveals a striking statistic: Nearly seven in 10 respondents (68%) concur that their cybersecurity teams are mired in a perpetual battle against critical incidents, leaving them little time to adopt a proactive approach to reducing their organisation's cyber risk. 

Process Challenges: Managing a plethora of third-party technologies without proper processes can make Japanese organisations vulnerable. In the era of cloud-based services and applications, seven in 10 respondents (72%) use a third-party program for SaaS apps and services. However, little under half (46%) have high and very high visibility into third-party environments. This lack of visibility can be a ticking time bomb, as it creates potential blind spots that cyber attackers could exploit.

Technology Challenges: Professionals using siloed tools are unable to determine the relationships among users, systems and software, and different measurement metrics among all the different tools make it difficult to accurately assess risk. While most respondents (74%) say they consider user identity and access privileges when they prioritise vulnerabilities for remediation, over a third (36%) say their organisation lacks an effective way of integrating such data into their preventive cybersecurity and exposure management practices. 

Tackling these challenges with exposure management

Amidst these challenges, there is a silver lining. Japanese organisations, irrespective of their current cybersecurity maturity level, have the power to take proactive steps toward reducing cyber risk. The key to overcoming these hurdles lies in implementing a robust exposure management program.

An exposure management program empowers organisations to assess their vulnerabilities, prioritise remediation efforts and streamline their cybersecurity operations. By shifting the focus from reactive measures to proactive strategies, businesses can stay ahead of cyber threats and fortify their defences.

By addressing these challenges head-on and embracing a proactive approach to cybersecurity, Japanese businesses can safeguard their digital assets, customer trust and their overall reputation. The study serves as a wake-up call, highlighting the urgency of taking action. It's time for Japanese organisations to shed old habits, empower their teams and embrace a future where preventive cybersecurity reigns supreme.

To learn more about these challenges, gain insights into how the most mature organisations are addressing them and see recommendations for how to overcome these challenges, download the white paper, “Old Habits Die Hard: How People, Process and Technology Challenges Are Hurting Cybersecurity Teams in Japan”.