sb-eu logo
Story image

Gartner: Only 65% of businesses have cybersecurity experts in-house

18 Jul 2018

 A new survey from Gartner says that while most CIOs expect the number of cyber threats to rise over the next three years, not all of them actually have a cybersecurity expert to deal with the deluge.

The 2018 CIO Agenda: Security and Risk Managements Insights survey polled 3160 respondents in 98 countries and found that 95% predict an increase in threats but only 65% have a security expert in their organisation.

According to Gartner research director Rob McMillan, cybersecurity remains a top concern for organisations, but cybercriminals often act in ways that organisations struggle to anticipate.

"In a twisted way, many cybercriminals are digital pioneers, finding ways to leverage big data and web-scale techniques to stage attacks and steal data," he says.

While many CIOs are focusing on market share and growth as top business priorities for 2018, that growth also introduces new opportunities for cyber threats.

"The bad news is that cybersecurity threats will affect more enterprises in more diverse ways that are difficult to anticipate," McMillan says.

"While the expectation of a more dangerous environment is hardly news to the informed CIO, these growth factors will introduce new attack vectors and new risks that they're not accustomed to addressing.”

He adds that CIOs can’t protect their business from everything so they need a sustainable set of controls that are able to balance business protection with operation.

This is something that many organisations have started, but those controls still need more sework.

35% of survey respondents say they have invested in some kind of digital security, and 36% are experimenting or planning to implement security in the short term.

Gartner predicts that 60% of security budgets will support detection and response capabilities by 2020. McMillan adds that a risk-based approach is crucial to setting a target level of what he calls cybersecurity readiness.

"Raising budgets alone doesn't create an improved risk posture. Security investments must be prioritised by business outcomes to ensure the right amount is spent on the right things,” McMillan comments.

Almost all (93%) of CIOs at ‘top-performing organisations’ say that digital business has benefited their company, leaving them open to change and adaptable.

Gartner says this attitude of cultural openness towards new recruitment and training avenues will benefit many security practises.

"Cybersecurity is faced with a well-documented skills shortage, which is considered a top inhibitor to innovation. Finding talented, driven people to handle the organisation's cybersecurity responsibilities is an endless function,” McMillan concludes.

Although many organisations have a dedicated cybersecurity expert, Gartner warns that the skills shortage continues.

Gartner recommends that chief information security officers (CISOs) continue to build bench strength through innovative approaches to developing the security team's capabilities.

Story image
Malware and email scams targeting employees spread rapidly in Q2
"Businesses must stay alert and should employ defense-in-depth tactics and equip themselves with multilayered security mechanisms, including high-sensor spam filters and a VPN connection, which would prevent malicious pages from opening."More
Story image
Metallic adds data management and GDPR compliance
Now GDPR compliant, additions to the portfolio include eDiscovery features and support for Microsoft Hyper-V and Azure Blob and File storage.More
Story image
Lazarus Group linked to phishing attacks on cryptocurrency sector
In this case, the attacks were launched through a phishing document sent via LinkedIn to employees at the targeted organisation. This phishing document was styled to look like a job advertisement for a role in a blockchain company.More
Story image
Acronis announces new security endpoint solution
The solution is an integration of data protection and cybersecurity which provides customers with effective endpoint protection in a landscape where the pointlessness of perimeter security is becoming more pronounced.More
Story image
Video: 10 Minute IT Jams - The benefits of converged cloud security
Today, Techday speaks to Forcepoint senior sales engineer and solutions architect Matthew Bant, who discusses the benefits of a converged cloud security model, and the pandemic's role in complicating the security stack in organisations around the world.More
Story image
Jamf extends Microsoft collaboration with iOS Device Compliance
Organisations will soon be able to use Jamf for Apple ecosystem management while using Azure Active Directory and Microsoft Endpoint manager to maintain conditional access.More