The only persistent threat to organizations than cybercrime? Cybersecurity skills crisis.
Almost 60% of businesses The Information Systems Security Association (ISSA) reports in the 5th annual global study of the Information Systems Security Association (ISSA).
Result? Heavier workloads, unfilled positions, and burnout.
And technology Not reduce the burden in many organizations, especially smaller ones. In fact, it is making matters worse, Cynet’s recent CISO survey found.
Big technology pushes small teams to the limit
Technology often stacks cybersecurity teams, but in the case of teams of five or less – that only leads to overwhelming. For example, they take an average of 18 months to fully deploy and feel proficient with endpoint detection and response (EDR) tools – making the technology another barrier to cybersecurity for users. 85% of teams adopt it by 2022.
Survey results: Threat protection products’ top pain points
- Possible overlap of different technologies: 44%
- The full view of an attack can be viewed: 42%
- Deployment and maintenance of different technologies on one machine: 41%
- Missing forensic information: 40%
- Lack of reporting capabilities: 25%
Many of the problems small teams have with threat protection products are in large part because they are designed for larger organizations with larger teams and budgets. Deloitte estimates the average security spend per employee in companies of all sizes to be $1,300 to $3,000but the companies surveyed only spend $250 per employeeMedium.
Blind Spot Plague Smaller Cybersecurity Group
In an age where even secure platforms are hacked (Okta) and compromised passwords can lead to ransomware attacks causing price spikes at the gas pump (Colonial Pipeline), you would think Cybersecurity teams will scrutinize each alert. Not so. Not between smaller teams.
Even though 58% of smaller companies find their risk of being hacked is higher than that of larger organizations, 34% said they ignored the warnings has been remedied.
Moreover, 21% assigned that they only consider important warnings, from 14% last year. Again, it can be blamed on too much competence and not enough skilled professionals: 35% says they have a full-time specialist pursuing all warnings.
Trends are of interest as these warnings could signal a larger cyberattack.
CISO’s game plan to close the security gap
While CISOs can’t train a new army of cybersecurity professionals, they can reduce technology dominance. This year, the majority reported plans to strengthen their threat protection technologies; gain greater visibility into their threat landscape; and let automation do more of the heavy lifting for their team.
Want to learn their solution to kill three birds with one stone?
Unpacking key findings from the CISO 2022 Survey with Small Cybersecurity Teams in this Free webinar. In just 30 minutes, you’ll discover the top challenges facing smaller cybersecurity teams in 2022 and how their CISOs plan to overcome them.
Watch the on-demand webinar now.