The study also found:
- 42% of respondents say cybersecurity products deliver value “sometimes,” but it is difficult or impossible to prove that value.
- 44% of respondents say "most or all vendors obfuscate their tech".
- 47% of respondents say that vendors deliver on their obligations only half of the time or less.
- 49% of respondents say vendors share little to no reliable information about product roadmaps.
In other words, they don’t share how far into the future their products will still be relevant in a continuously evolving cybersecurity landscape.
“Through in-depth conversations with our customers, we sensed a growing and widespread frustration with the majority of cybersecurity vendors out there,” said David Appelbaum, chief marketing officer at Valimail. “That is why we decided to conduct this research — to highlight this problem and call on our peers and colleagues to help change the face of cybersecurity for the better. This includes eliminating jargon, stating plainly what customers are buying and what results they can expect, and working with them to ensure those results are realized. The bottom line is that the industry is not keeping pace with the bad guys — and that is bad for everyone.”
Based on the research findings, the promise of DMARC enforcement is a critical one, as 72% of respondents said they are very or extremely concerned about email-based threats, which remains the leading attack vector for all breaches. Additionally, 48% indicated they are very or extremely likely to buy a product that promises to combat business email compromise (BEC) attacks, a problem that DMARC at enforcement significantly reduces.