Cybersecurity leaders’ growing sense of helplessness

New research conducted by Green Raven Limited, a specialist cybersecurity consultancy and reseller, has highlighted a growing feeling of professional despair and helplessness among many senior cybersecurity professionals in the UK’s largest organisations.

Green Raven Limited and research specialists Censuswide surveyed 200 cybersecurity professionals, responsible for leading cybersecurity teams, managing cybersecurity, and handling associated budgets in organisations with more than 1,000 employees.

According to the research, 70% of respondents reported negative emotions due to the relentless and ongoing increase in cyber losses. 59% feel an inevitability to their organisation’s cybersec failing, with these same negative feelings also spilling into their personal lives.

In recent years, cybersecurity has experienced a shift from traditional approaches as organisations have been prepared to spend large amounts of money on solutions without any clear, strategic focus. Unfortunately, this is no longer effective in the prevention of growing losses from cyberattacks worldwide.

To combat this, cybersecurity professionals are now seeking more targeted, data-driven methods to help them understand threats better, the survey states. For instance, many professionals believe new AI-based tools provide more precise insights and improve defence against potential cyberattacks.

The research establishes the pressure many cybersecurity professionals are under, with almost 70% saying they are under extreme pressure from senior management and boards to demonstrate the need for their cybersecurity budget for the coming year. The majority of those, and over half of all surveyed, state they struggle to win the necessary budget, adding to the existing pressure.

Despite nearly 90% of survey respondents reporting their organisations have allocated more funds to cybersecurity, fewer than half believe such investments are enough to address overall cybersecurity needs. 47.5% say their organisation’s cybersecurity budgets are increasing rapidly, but this is still not enough to keep up with the challenges faced.

Not knowing where the next cyberattacks are coming from is another issue facing the cybersecurity world, with two-thirds stating they feel like they are ‘working blindfolded.’ Professionals may therefore struggle to allocate resources, prioritise threats, and develop proactive defences, increasing an organisation’s vulnerability to attacks.

The answer may be in advanced AI tools, according to the research. Almost four in every five of the participants have faith in newly developed AI tools, which may provide them with an advantage over some threats.

79% of the professionals agree that a proposed, ideal “gold standard” process for managing risk and compliance would be effective. It was described in the questionnaire as involving four steps – identifying possible risks, assessing each one carefully, treating or addressing them, and monitoring.

75% state that their organisations already follow this ideal standard, but half of those who disagreed say their organisations implement shorter, less comprehensive approaches. Instead, they primarily examine specific risks and the strengthening of defensive measures, rather than a risk management process and action plan.

Not following the set protocols can lead to inadequate risk mitigation, leading to a higher vulnerability to evolving cyber threats. And, as the research indicates, this has a ripple effect, causing unease and despair among employees and management.

Morten Mjels, CEO of Green Raven, pointed out a contradiction in respondents’ attitudes to their cybersecurity strategies: “Despite the impact on their lives, ever-rising cybersecurity budgets and the belief that a breach will occur in the end anyway, respondents are still happy to say that current cybersecurity strategies are ‘sustainable’ – when their own observations clearly indicate otherwise.”

It is clear from Green Raven’s results that cybersecurity professionals are not happy with the current state of their industry. Many feel overwhelmed by the pressure to secure their organisations while facing increasing threats, insufficient resources, and a lack of effective strategies.

(Image credit: “Computer Code” by One Idea LLC is marked with CC0 1.0.)

See also: Linux Foundation releases ‘Census III’ open source report

Looking to revamp your digital transformation strategy? Learn more about Digital Transformation Week taking place in Amsterdam, California, and London. The comprehensive event is co-located with IoT Tech Expo, AI & Big Data Expo, Cyber Security & Cloud Expo, and other leading events.

Explore other upcoming enterprise technology events and webinars powered by TechForge here.