Amid the fast-moving currents of the digital era, a troubling 47% of security leaders globally express concern about the apparent stagnation in cyber security spending relative to the digital landscape’s rapid development. This unsettling discovery arises from the detailed study included in the 2023 Cyber Security in Focus Report, a monumental task undertaken by Stott and May.
The report, which surveyed the perspectives of 60 Chief Information Security Officers (CISOs) and security leaders from Europe, the Middle East, Africa (EMEA), and North America, paints a transformative picture in which the once-sidelined issue of budget constraints has risen to the fore, now serving as the main obstacle to the smooth implementation of organisational roadmaps—a powerful opposition highlighted by a noteworthy 16% year-on-year increase.
The report underscores a watershed moment in security leaders’ difficulties. For the first time, financial restrictions (51%) have surpassed internal capabilities (34%) as the most significant obstacle to strategy implementation, highlighting the economic challenges requiring CISOs to do more with less. Board-level buy-in (11%) and technological concerns (3%) are also factors in the worldwide problems encountered by security leaders.
The skill shortage continues to be a source of concern for 66% of respondents, with 69% of security posts remaining vacant after eight weeks. Notably, 47% of CISOs report a significant rise in income expectations, with 31% reporting wage inflation of 6% to 10% year on year.
While strategic security investment continues, innovation is limited by financial restrictions, with 44% of respondents anticipating static or decreasing expenditures. Only 53% feel security spending is keeping up with the fast expansion of digital business. The top three priority investment areas for CISOs in 2023 are cloud security (25%), IAM (20%), and security and vulnerability management (18%).
The survey also highlights a rising emphasis on integrating security risk with corporate planning, with 55% of security leaders stating that cyber security is a strategic priority for their organisation. Additionally, 60% agree that the safeguarding function improves the entire value proposition to clients.
Haris Pylarinos, Founder & CEO of Hack The Box, discussed the top obstacles CISOs face when establishing a high-performing security unit. “It’s the ability to stay outward looking and ensure that internal skills stay up to date. You can hire the best security professionals out there with field experience, but the problem is that this knowledge can degrade over time because cyber security is evolving at such a rapid pace.”
In addition, Chris Castaldo, CISO at Crossbeam, detailed his opinions on the primary challenges that CISOs encounter while implementing their digital safety roadmaps for development. “Not understanding the business. That’s the main barrier. Everyone that I talk to that’s trying to implement some new tool or a new process or policy and meets resistance typically hasn’t spent enough time trying to understand what those stakeholders really care about and tailoring that message to them.”
The 2023 Cyber Security in Focus Report is an invaluable tool to comprehend the constantly changing obstacles encountered by CISOs and security professionals in managing the convergence of budgetary constraints, shortages of employees, and changing technological landscapes.
As businesses watch the digital world evolve, the 2023 Cyber Security in Focus Report serves as an extensive reference. It offers an in-depth overview of the dynamic difficulties that CISOs and security executives confront as they manage the complex confluence of budget restrictions, personnel shortages, and a constantly expanding technology world.
This research additionally illuminates the present status of cyber security, but it also provides an outline for companies wishing to strengthen their security posture in the future.
About Stott and May
Founded in 2009, Stott and May is a professional talent solutions firm that focuses on technology recruitment without compromising the quality of the candidate and the time-to-hire. Their vision is to empower, engage, and connect the working world, and unlock the potential of people and partnerships.