CIO Influence
CIO Influence News Security

90% of Security Leaders Believe Their Organization is Falling Short in Addressing Cybersecurity Risk

90% of Security Leaders Believe Their Organization is Falling Short in Addressing Cybersecurity Risk
According to new research from Foundry, meeting compliance regulations, the skill shortage, and external threats remain top challenges for organizations around the world.

Foundry, the global leader in media, martech and data for the tech community, released the 2022 Security Priorities Study which looks at the security-related priorities IT and security leaders are focused on now and in the near future. In its sixth year, the study shares insights into the security structure of organizations, perceived risks, continued challenges, and investments being made to better secure organizations.

The research found that an overwhelming majority (90%) of security leaders believe their organization is falling short in addressing cybersecurity risk. Those surveyed experienced these pitfalls from different issues, such as convincing the severity of risk to all or parts of their organization (27%), and believing their organization isn’t investing enough resources to address risks (26%). Here is a closer look at the survey’s findings.

Latest ITechnology News: Riverbed Launches Alluvio IQ Unified Observability Service

Security research and investments are shifting
According to the research, over a third (34%) of security decision makers are researching Security Orchestration, Automation, and Response (SOAR) technologies. Zero trust technology and Secure Access Service Edge (SASE) fall just behind as the second and third on their radar at 32%. Although not in the top tools being actively researched, it is worth mentioning cyber insurance as this was the first year Foundry explored the topic. Close to a quarter of organizations have cyber insurance on their radar and only 23% are not interested.

The top security solution currently in use which Foundry classifies as piloting, in production, and upgrading/refining is endpoint protection (specifically for laptops, desktops, servers) at 78%. Similarly, three-fourths of respondents said authentication (multifactor/strong authentication or role-based solutions are in use, followed by security education/awareness training solutions and patch management (both at 74%).

In 2022, the average annual security budget is $65 million, which is similar to last year’s overall budget. For small businesses, however, the security budget has jumped to $16 million, from $11 million last year and $5.5 million in 2020. On average, enterprises are seeing steady security budgets $122 million this year compared to $123 million in 2021.

When asked which security technologies their organization will increase investment in over the next 12 months, respondents cited cloud-based security services (36%), cloud infrastructure management technology (35%), application development security (35%), access controls (35%), and cloud data protection (33%).

Latest ITechnology News: VeriSilicon AI-ISP Delivers Innovative Image Quality Enhancement that Breaks the Limits of Computer Vision

“As businesses continue to grow and scale their security efforts in tandem, it’s no surprise that the proper investments and budgetary requirements follow suit,” said Bob Bragdon, SVP/Worldwide Managing Director, CSO. “Organizations of all sizes recognize security risks and understand the fallout that can occur due to a breach, and security leaders are preparing for the worst case scenario. It’s important for technology vendors to understand what their major challenges are and provide them with appropriate tools and solutions.”

Insight into security challenges and hiring
When asked which security-related challenges were most often forcing security executives to redirect their time, respondents stated meeting governance and compliance regulations, employee awareness and training, unanticipated business risks (last year’s top challenge), preparing for or addressing risks from cyber threats originating outside the organization, and budgetary constraints and demonstrating ROI.

The security skills shortage continues to impact a large portion of organizations. Almost half (45%) of IT leaders are addressing it by asking current staff to take on more responsibilities and utilizing technologies that automate security priorities. Forty-two percent are outsourcing security functions, while 36% are increasing compensation and improving benefits. Comparing company size, half of enterprises are asking current staff to take on more responsibilities, and 37% of SMBs are doing the same.

“More regulation and compliance requirements to mitigate security risks is a positive step but is clearly creating challenges for organizations under equipped to deal with these changes,” said Bragdon. “As security leaders navigate a competitive workforce, they are also looking to their security technology partners to create more efficient and automated practices that make sense for their business and employees.”

Latest ITechnology News: Supermicro Adds New 8U Universal GPU Server That Delivers Maximum Performance and Flexibility

[To share your insights with us, please write to sghosh@martechseries.com]

Related posts

AIMMO Enters Partnership with Mitsubishi Electric for Data Supply

PR Newswire

Aurora Mobile’s EngageLab Platform Offers Global Multi-Data Center Storage for Its Push Notification Products to Meet the Data Security Compliance Requirements of Overseas Customers

GlobeNewswire

RouteQ Partners With NextBillion.ai To Increase Delivery Efficiency And Reduce Logistics Costs Around The World

CIO Influence News Desk