Report: 90% of orgs believe cybersecurity risk isn’t being addressed

According to Foundry’s 2022 Security Priorities Study, an overwhelming majority (90%) of security leaders believe their organization is falling short in addressing cybersecurity risk. Those surveyed experienced these pitfalls from different issues, such as convincing the severity of risk to all or parts of their organization (27%), and believing their organization isn’t investing enough resources to address risks (26%). 

Budgets continue playing a factor in a company’s cybersecurity efforts as well. For small businesses, the security budget has jumped to $16 million, from $11 million last year and $5.5 million in 2020. Enterprises are seeing steady security budgets – $122 million this year compared to $123 million in 2021.

Looking toward cyber insurance, a growing sector, close to a quarter of organizations stated they have cyber insurance on their radar and only 23% are not interested. 

Cybercrime-as-a-service

To address the growing innovation of cybercriminals and the various cybercrime-as-a-service models that are cropping up, security decision-makers are researching and testing a wide range of new security technologies to add to their tech stack. The top technologies being actively researched include:

• Security orchestration, automation and response (SOAR) (34%)
• Zero-trust technologies (32%)
• Secure-access service edge (SASE) (32%)
• Deception technologies (30%)
• Ransomware brokers (30%)

The data makes it clear that as businesses grow and scale their security efforts in tandem, the proper investments and budgetary requirements must follow suit. Organizations of all sizes recognize security risks and understand the fallout that can occur due to a breach, and many security leaders are preparing for the worst-case scenario. This provides opportunities for technology vendors to better understand what the major challenges are, and provide the appropriate tools and solutions.

Cybersecurity skills shortage

The study also shows the security skills shortage is still impacting a large portion of organizations. To address it, nearly half (45%) of IT leaders are asking current staff to take on more responsibilities and utilize technologies that automate security priorities. Forty-two percent are outsourcing security functions, while 36% are increasing compensation and improving benefits.

As security leaders navigate a competitive workforce, they are also looking to their security technology partners to create more efficient and automated practices that make sense for their business and employees.

Methodology

The 2022 Security Priority Study was conducted via online questionnaire from June through August 2022. 872 total respondents with IT and/or corporate security leadership responsibilities were collected from NA (55%), EMEA (18%) and APAC (27%) regions. Top represented industries include technology (25%), manufacturing (13%), government/nonprofit (10%), and financial services (8%). The average company size was 10,991 employees.

Read the full report from Foundry.