2024 Cybersecurity Service Application Status Survey: Service Quality and Effectiveness Are the Biggest Application Challenges

As cybersecurity threats continue to evolve and escalate, companies are beginning to focus on building new service-based cybersecurity capabilities to face increasingly complex security threats. In order to better understand the current application of cybersecurity services in Chinese corporate organizations, SafeNiu recently conducted a questionnaire survey on the application of new generation cybersecurity services.

This survey was conducted through voluntary registration through online channels, and a total of 136 questionnaires were collected, of which 98 were valid questionnaires (filled out by network security and related personnel of Party A enterprise users), covering industries such as finance, manufacturing, telecommunications operators, and the Internet. Security Cow hopes that this survey can, to a certain extent, reflect the current application status of network security services in Chinese enterprises, and provide feasible implementation ideas and suggestions for organizations in the subsequent construction of new generation network security service capabilities.

Through the analysis and summary of the feedback from the effective questionnaires, Anquanniu found that the security service application of domestic enterprises has basically reached the standard maturity stage, and is building and applying a new generation of security services, which has also brought more demand for a new generation of network security services. However, factors such as the inability to guarantee service quality, data leakage risks, priority to understanding the business of Party A, and difficulty in quantifying service level agreements are the main challenges affecting the application of network security services. 65.6% of the surveyed companies are worried that the quality and actual application effects of third-party network security services will not meet expectations.

The following are the results of some key issues in this survey:

1. my country's corporate security service personnel are generally insufficient. Survey data show that nearly 60% of enterprises have less than 3 full-time security personnel, and 9.8% of enterprises do not even have full-time personnel. Building and maintaining a professional security team requires a lot of manpower, material and financial resources, which is relatively costly for general small and medium-sized enterprises.

Figure 1: Enterprise network security service personnel configuration

2. Survey data shows that nearly half of domestic companies (49.2%) currently spend less than 5% of their total IT spending on cybersecurity. More than 75% of companies will see their cybersecurity budgets remain the same or shrink year-on-year in 2024, with 14.8% of companies seeing their security budgets shrink by more than 10%. Insufficient corporate cybersecurity budgets will lead to weak corporate security protection capabilities.

Figure 2: Corporate cybersecurity budgets in 2024

Figure 3 Enterprise cybersecurity service budget

3. Survey data shows that 39.3% of enterprises spend 20%-50% on third-party security services. At present, the construction of domestic enterprise security service capabilities needs to rely on third-party service providers.

Figure 4: Enterprise spending on third-party cybersecurity services

4. Survey data show that 31.2% of enterprises have entered the standardization stage of security service construction, established security operation teams, and have clear job responsibilities and standardized incident response processes to respond to common security incidents in a timely manner; 16.4% of enterprises have preliminary new-generation security services and have established normalized organizations such as security incident response centers to respond to incidents quickly 24 hours a day; 11.5% of enterprises have further developed the construction of new-generation security services, which can use intelligent technology to discover unknown threats, automate incident response and disposal, and deal with advanced threats.

Figure 5 Enterprise network security service construction status

5. Survey data shows that more than 90% of enterprises believe that building network security capabilities requires reliance on third-party services. Due to the widespread problems of professional talent shortage, lack of experience, and incomplete skills in enterprises, as well as the need to invest a lot of manpower, material resources, and financial resources to build and maintain a professional security team, enterprises find it difficult to effectively respond to complex security threats by relying on their own security teams. Third-party security service providers have professional security talents and rich experience, advanced security technologies and tools, and can provide continuous security monitoring and threat analysis, which can help enterprises make up for the shortcomings of their internal security teams, timely discover and deal with security threats, and quickly respond to security incidents, thereby improving security protection capabilities and helping enterprises reduce risks and losses.

Figure 6 Enterprises’ demand for third-party network security services

6. Chinese enterprises have a wide range of demands for third-party network security services. Survey data shows that 59% of the surveyed enterprises believe that they need security consulting services, 54.1% of the surveyed enterprises believe that they need security operation and maintenance services, 45.9% of the surveyed enterprises believe that they need security operation services, and 44.2% of the surveyed enterprises believe that they need security support services.

Figure 7 Types of enterprise demand for third-party network security services

7. There are many challenges in the application of third-party network security services. Survey data shows that 65.6% of enterprises are worried that the quality of third-party network security services will not meet construction expectations; 55.7% of enterprises are worried that third-party services may have data leakage risks; 55.7% of enterprises are worried that third-party service providers do not understand the business of the enterprise; 50.8% of enterprises are worried that the service level agreement (SLA) is difficult to quantify.

Figure 8 Challenges of third-party network security service applications

8. Procurement challenges for cybersecurity services include procurement restrictions and lack of awareness. Survey data shows that 33.3% of companies do not procure third-party services due to procurement restrictions, and 23.8% of companies lack understanding and awareness of third-party cybersecurity services.

Figure 9 Procurement challenges of third-party cybersecurity services

9. Lack of professional security talent and experience is the main reason why companies purchase third-party network security services. Survey data shows that nearly 70% of companies (68.8%) believe that third-party services can provide expert security teams and professional security knowledge and skills, nearly 60% of companies (59%) believe that third-party services can respond quickly to security incidents, and more than half of companies (52.4%) believe that third-party services are needed to help deal with new threats and vulnerabilities in the face of rapidly growing threats and vulnerability challenges.

Figure 10 Main reasons for purchasing third-party cybersecurity services

10. Enterprises' satisfaction with third-party network security services needs to be improved. Survey data shows that nearly 40% of enterprises (37.7%) feel average or dissatisfied with third-party services. Enterprises have different needs for security services, which are difficult to provide in a standardized way. Service providers need to fully understand user businesses, reasonably allocate resources, actively use new technologies, and provide customized services to improve user security capabilities.

Figure 11 Satisfaction with third-party network security services

11. When selecting a new generation of network security services, enterprises generally evaluate the vendor’s market strength and project service capabilities. Survey data shows that 59% of enterprises believe that the professional capabilities of the service team are the primary factor in selecting a service provider, including the qualifications, experience, and technical level of team members. Other selection factors include vendor brand, market performance, and technical capabilities.

Figure 12 Factors in selecting a network security service provider

12. Enterprises currently mainly evaluate the value and quality of third-party network security services through actual results. Survey data shows that more than 60% of enterprises (65.6%) evaluate service quality through incident response time, re-security or the actual results of attack and defense drills.

Figure 13 Methods for evaluating network security service quality