The enterprise cybersecurity function across industries is plagued by a lack of finance and resources.

There are two primary themes that impact this case: a lack of finances and competent employees in the cybersecurity field. Staff can only be lured into cybersecurity roles by promises of higher pay. Thus those two themes may be considered one – but while this degree of reductionism is cleaner, it inhibits further investigation.

If organizations want to improve their cybersecurity posture, the two fastest methods to do so are to hire trained staff and assure adherence to data protection regulations in their respective jurisdictions. Those advances have been realized in recent years by firms that were not previously classified as “high performance” in terms of cybersecurity.

It is important to create a significant disruption involving the loss of over a thousand customer or personal staff records. Given that the cybersecurity personnel will be aiming for 100 percent water tightness, this seems like a high bar to set. 

One of the key difficulties mentioned by survey respondents was the existence of data silos. On that note, the problems seem to stem from the diversity of cybersecurity data and technologies rather than a more generalized demarcation of data repositories between different business areas – HR data not being blended with Logistics data, for example, was not the issue.

Reducing the number of cybersecurity technologies resulted in only minor improvements in response time and effectiveness. The poll respondents admitted that building cohesive interactions across multiple technologies yielded considerable benefits. While the reasoning behind this is undeniable, working with what the cyber teams already have rather than sourcing “the one platform that rules them all” may be the most efficient method to get the desired capabilities.

The need for better and more accurate planning was mentioned in the study, and this serves as a reminder of the limited resources and money available to most cybersecurity teams. It takes time, money, and effort to plan and create “playbooks” for effective cyber assaults.

According to the survey’s respondents, the most prevalent playbooks that were effectively followed were around malware and DDoS attacks, with pre-emptive activities such as anti-phishing measures receiving less budget allocation.

To conclude, the message remains the same despite having been heard countless times before, “cybersecurity teams need more funding and more people.” But, sadly, this plea frequently goes unheeded.

Like this Post? Checkout our Featured Stories Section