IT and security leaders feel less safe than a year ago

A new study from Appsbroker CTS finds 79 percent of IT and cybersecurity leaders believe that emerging technologies like GenAI will 'change the game', leaving them unprepared.

In addition 90 percent say the risk and severity of cyberattacks has increased over the past year, while 61 percent believe the attack surface is now 'impossible to control'.

The top five threats cited as leading to sleepless nights are:

• Being hit by a malware, ransomware or phishing attack that halts their ability to operate.
• Lack of visibility around unknown security risks.
• Threat actors stealing identities to access privileged systems and data.
• Misconfigurations leaving systems open to attack.
• Having to patch and rewrite vulnerable applications.

Across all sectors, there is a general perception that the cost of cyberattacks is outstripping investment in cybersecurity. 97 percent of IT leaders have increased cybersecurity investment, but many feel it's failing to make the right impact, with 55 percent feeling less secure today than a year ago. 61 percent of IT leaders lack confidence that their level of cyber investment will be enough to reduce their overall risk.

Ed Russell, CISO business manager at Appsbroker and CTS, says:

As cyber attacks become more frequent, advanced and insidious, continually evolving your cybersecurity measures is the only way to protect against an ever-changing threat. This starts with knowing which investments are having the biggest impact on reducing the attack surface and mitigating risk.

Yet many businesses lack the tools and visibility needed to continuously monitor, test, measure and benchmark their security posture. Without this insight, it's impossible to know if investments are being directed to the right areas, or if existing defenses are effective. Cloud and GenAI have a crucial role to play here, offering new opportunities for businesses to take a secure by design approach that can help to tip the cybersecurity scales back in their favor.

Inability to apply governance, policies and controls across environments means security is applied inconsistently according to 67 percent of IT leaders surveyed. Moreover, 71 percent say a lack of access and control over data is opening them up to security risks.

On a positive note 53 percent of organizations have implemented at least some zero trust controls. However, several barriers exist that prevent businesses from applying zero trust consistently across all environments -- with the top five being: cost, legacy integrations, complexity and size of organisation, lack of resources, and a lack of skills and understanding.

The full report is available from the CTS site.

Image credit: Catalin Petolea/Shutterstock