Cybersafetyconnections April 24th, 2023, Vol#114  

  • Still on cybersecurity from the report: State of Cybersecurity 2023. Cyberattacks are not letting down anytime soon.  
  • The findings of the report.  
  • Three-pronged solutions are recommended.  
  • Staffing and Tools challenge . 

The Report  

This blog is based on an article from CPA Letter and discusses a report from Sophos, a U.K based security software and hardware company. The subjects of the report were 3,000 leaders from 14 countries with oversight for IT/Cybersecurity and the report covered the period of January to February 2023.   

According to this report, The State of Cybersecurity 2023: The Business Impact of Adversaries,94 % of organizations surveyed encountered some sort of cyberattack. And these attacks are not predicted to decrease anytime soon.  

The challenge is that cyberattacks are happening all the time and they cannot be predicted.  

As motioned severally, with cyberattacks, it is not a matter of if it would happen but when it will happen, and no organization is exempt no matter the size or financial wherewithal.   

Report findings are;  

  • 57% of IT respondents are kept awake at night because of worrying about cybersecurity.  
  • More than 50% of IT respondents think these cyberattacks are getting too sophisticated for regular employees as well as organizations to handle without support. And 64% of smaller companies are of this view compared to 52% of bigger companies.  
  • 90% of IT professionals are concerned about cyberattacks affecting their organizations this year still.  
  • 71% reported that dealing with cyberattacks is taking a toll on their productivity because of the challenge of trying to repair the damage in a timely way which leaves them vulnerable.  
  • 55% reported IT teams’ work on other projects was being affected.  

An alarming trend is the degree of preparedness in the face of increasing cyberattacks. 

  • 93% of respondents find cybersecurity operations a challenge.  
  • 75 % struggle with identifying the root cause.  

The proposed solutions?  

NST Cybersecurity Framework 

Threat detection and response solutions. Most organizations plan to add threat detection and response to their cybersecurity tool kit with 44% making plans to work with threat detection and solutions providers in the face of an IT/Cybersecurity skills shortage. 

Even in the face of cybercriminals becoming more sophisticated, there are still solutions according to this report and they fall under these three approaches:  

  • Implement a more scalable incident response process that accelerates response time;  
  • Leverage adaptive defenses to slow down adversaries; and  
  • Create a virtuous cycle that improves protection and lowers cost.  

Staffing and Tools Challenge  

While companies are concerned about the after-effects of cyber-attacks like cleanup costs, other issues of concern are recruiting and retaining staff in this area. The retention issue is not predicted to let down anytime soon, especially with IT/Cybersecurity professionals lacking the skills and resources for the task. And therefore, the cybersecurity space is regularly plagued with burnout.  

Shortage of skills can lead to security tools misconfiguration creating a gap in your defenses even when you have the right tools since the staff may not have the time knowledge and experience to design and arrange the tools to suit the needs of the organization.  

The cybersecurity tools providers are not too confident in their tools either which should be concerning seeing how much of the budget goes to cybersecurity and how this affects employees.  

Subscribe to get the latest post.