Security teams expect higher costs and greater workloads next year
New research from Deepwatch shows 78 percent of security professionals expect breach and incident reporting requirements to create more work for their teams, and 77 percent expect increased work arising from privacy requirements.
The SecOps pulse survey shows digital transformation initiatives and regulatory requirements are the top two cost drivers expected for next year.
"Regulatory developments around both incident reporting and privacy will undoubtedly continue to ramp up in 2023," says Bill Bernard, AVP, security strategy at Deepwatch. "Between differing perspectives on reporting timelines and the multiple agencies and authorities involved, breach notification compliance will be complex and challenging for security teams. On the privacy side, security professionals who typically don't consider themselves privacy professionals will need to play a role in enforcing various controls stemming from multiple privacy requirements emerging across numerous states, countries and governments."
Another cost concern for 78 percent of security professionals is cybersecurity insurance. More than a third (39 percent) say it's already too expensive, and another 39 percent believe while cyber insurance offers value today, that won't be the case if prices go up further.
When it comes to investment most teams are prioritizing the 'respond' (46 percent) and 'detect' (42 percent) functions of the NIST framework. As nearly all (95 percent) of security professionals cite continued staffing challenges, 82 percent of security professionals are either using or are considering managed services.
"Many organizations still struggle to mature security programs beyond the hardening strategies with strong detection and response capabilities," adds Bernard. "While we all want to do our best to minimize the attack surface as much as possible, we know the attack surface cannot be totally eliminated. In today's landscape, every enterprise should be monitoring environments 24/7/365. Running a security operations center internally is a huge undertaking, and many are not only alleviating that workload through managed detection and response (MDR) partners but they are also getting increased efficacy from MDR specialists that are built to give the highest fidelity alerts and rapid response actions to contain threats swiftly."
You can get the full report on the Deepwatch site.
Image credit: nd3000 / Shutterstock