Only half of organisations have budget to meet cyber needs

Despite the importance of protecting against security threats, budgets are not keeping pace with the greater exposure caused by hybrid working

Only half (49%) of organisations have a sufficient budget to fully meet their current cybersecurity needs, according to a recent survey by the Neustar International Security Council (NISC).

Despite the rapidly changing threat landscape, one-third (35%) of information technology and security professionals responding to the survey said their organisation’s cybersecurity budget would remain the same or decrease in 2023, and 44% of these individuals believe their business will be more exposed and at risk as a result.

When survey participants were asked to identify the most significant current risks to their organisation’s IT security posture, “increased sophistication of attacks” emerged as the top concern (cited by 60% of respondents), followed by “increased activity of attackers” (54%), “budget constraints” and “larger attack surface from an increasingly borderless business operation” (both 35%).

Concerns that budget restraints are limiting the use of new technologies

While a large majority of respondents agree that C-suite and board-level decision-makers understand the current security threats their business is facing (83%), recognise the importance of having a multilayered defence strategy (81%), and make protecting the organisation an integral part of business operations (80%), a significant share of participants (69%) are also concerned that current budget constraints are limiting the use of new strategies, technologies and implementation practices.

“IT and security teams have faced a lot of pressure in recent years as they’ve been tasked with spearheading major new digital initiatives – often in the face of persistent staffing shortages – while defending a growing attack surface from larger, more sophisticated attacks in an increasingly complex threat landscape,” said Carlos Morales, senior vice president of solutions at Neustar Security Services.

A sizable majority of survey participants (85%) reported that hybrid working has increased their organisation’s reliance on third-party providers for outsourcing staff and resources, and more than three-quarters (78%) of these professionals believe this development has left their organisation more exposed.

With regard to the types of exposure organisations face as a result of increased integration with third-party providers, respondents rated distributed denial-of-service (DDoS) attacks as the greatest perceived threat (ranked highest by 22%), followed by system compromise (20%) and ransomware (18 recent). Overall, participants rated ransomware as the top increasing threat vector (75%), followed by generalised phishing (74%), DDoS attacks (72%), and targeted hacking and social engineering via email (both 71%).

“With mounting budget pressures, IT and security teams are once again being asked to do more with less, which will likely accelerate the adoption of service-based offerings that allow enterprises to flexibly scale up resources based on demand,” adds Morales. 

“While cost may be the driver, technology leaders must carefully consider what value potential service-based offerings can deliver to ensure maximum impact to the organisation and prioritise partners that can deliver best-of-breed technology, professional expertise and word-class service.”

The NISC survey participants were senior information technology and security professionals from across six EMEA and U.S. markets. The survey was conducted in November 2022 and reflects respondents’ activity and concerns during September and October 2022.

Share

Featured Articles

Apple Accelerates Gen AI Push as Part of Future Strategy

We explore how Apple is continuing its push into generative AI in 2024, having acquired a startup which specialises in making AI apps more efficient

Honda and Nissan Partner to Harness AI and Upscale EVs

To tackle a turbluent EV market, Honda and Nissan announce a memorandum of understanding (MoU) to produce essential AI components to rival competitors

Event Breakdown: Upcoming Tech & AI LIVE Events in 2024

Connecting the world’s technology and AI leaders, Tech & AI LIVE returns in 2024, find out more on what’s to come in 2024

McKinsey: How CIOs can Navigate Emerging Technology Trends

Digital Transformation

Rise of the Chief Trust Officer Shows Value of Digital Trust

Cloud & Cybersecurity

International Women’s Day: Women in Technology in 2024

Digital Transformation