Cybersecurity is getting harder: more threats, more complexity, fewer people

Splunk and Enterprise Strategy Group released a global research report that examines the security challenges facing modern enterprises. More than 1,200 security managers took part in the survey, revealing that they have seen an increase in cyberattacks as their teams face growing talent shortages.

According to the report, 65% of respondents say they have seen an increase in attempted cyberattacks. Additionally, many have been directly impacted by costly data breaches and ransomware attacks, which have exhausted security teams:

  • 49% of organizations say they have experienced a data breach in the past two years, up from 39% a year earlier.
  • 79% of respondents say they have encountered ransomware attacks and 35% admit that one or more of these attacks has caused them to lose access to data and systems.
  • 59% of security teams say they have had to spend a lot of time and resources on remediation, up from 42% a year ago.
  • 54% of respondents report that their critical applications experience unplanned outages related to cybersecurity incidents at least once a month, with a median of 12 outages per year. The median recovery time from unplanned outages related to cybersecurity incidents is 14 years. hours. Respondents estimated the cost of this downtime to average about $200,000 per hour.
  • 64% of security professionals said it is difficult to keep up with new security requirements, up from 49% a year ago.

“This survey revealed that organizations are deeply concerned about supply chain attacks, particularly after the 2020 SolarWinds hacks and the Log4Shell incident in late 2021,” said Ryan Kovar, Distinguished Security Strategist at Splunk.

“Ninety percent of organizations said they were focusing more on third-party risk assessments in the wake of these high-profile attacks. In my 20 years in IT security, I have never seen software supply chain threats with this level of visibility. Unfortunately, this will only increase the already intense pressure that security teams face.

The impact of the Great Resignation and the challenges of teleworking

As cybercriminals become more persistent and workloads increase, many organizations have been impacted by the Great Resignation and the added security challenges of remote working. These factors have exacerbated the already persistent talent shortage within the cybersecurity industry:

  • 76% of respondents say their team members have been forced to take on responsibilities they are not ready for, and 70% say the resulting increase in their workload has caused them to consider look for a new role. 85% of respondents say it has become more difficult to recruit and retain talent over the past 12 months.
  • 53% of respondents say they cannot hire enough staff and 58% cite an inability to find talent with the right skills. 68% of respondents report that talent shortages have directly led to the failure of one or more projects/initiatives.
  • 73% of respondents say workers quit, citing burnout.

Modern enterprise security issues

Organizations around the world face similar security challenges, but many struggle to ensure proper investment in their cybersecurity programs and face cybersecurity skills shortages:

  • Respondents in Canada report that their organizations are increasing their investments in cybersecurity at a slower rate than their global counterparts. While 37% of respondents say their organization will significantly increase its investments over the next 12-24 months, 52% of their peers in other countries say the same.
  • 53% of German organizations indicated that difficulty recruiting and retaining security talent led to multiple project delays in the last 12 months, compared to 43% in other countries.
  • Cybersecurity skills shortages appear to be particularly difficult in Singapore, with 44% of respondents reporting issues with both hiring and retention, compared to 22% of global peers reporting this is the case.

“Our latest State of Security report revealed the challenges facing security professionals, but we can take steps to address these issues,” said Jane Wong, vice president of security products at Splunk. .

“A positive sign is that more than two-thirds (67%) of organizations are actively investing in technologies designed for advanced analytics and automation of security operations. Automation is essential to help reduce the time it takes to respond to attacks, and these technologies should be focused on supporting our human analysts, not replacing them. That may mean fewer tools, not more. For example, a platform approach can make it easier for security teams to take action against complex threats, while the basics are patched at machine speed. The result should be less feeling of being overwhelmed – and less analyst burnout, but also reduced waiting time if the organization has been breached.

Sharon D. Cole