Confidence in companies’ cyber defence plummets

Only 1 in 5 cybersecurity leaders consider their organisation’s cyber defence approach effective.
In a survey of 500 worldwide cybersecurity leaders, it seems that many do not consider their organisation’s approach to cyber to be effective

Given the constant development and increase of various technologies in the business landscape, it is only natural that safeguarding against cyber-attacks should be a priority for all organisations.

However, with the number of cyber threats and associated costs that are increasing, cybersecurity leaders are struggling with the effectiveness of their organisations’ defences, according to the EY 2023 Global Cybersecurity Leadership Insights Study.

In a survey of 500 global cybersecurity leaders, it was surprising to discover that only 1 in 5 respondents consider their organisation’s approach to cyber effective for both current and future threats. Around half of the responses showed scepticism towards the effectiveness of the training provided by companies, with only 36% being content with the levels of best practice adoption by teams outside of their IT department.

At the same time, the respondents have reported increasing costs associated with cybersecurity investment and an average of 44 cyber incidents in 2022. Chief Information Security Officer (CISO) respondents have reported an average annual spend of US$35m on cybersecurity, with the median cost of a breach increasing by 12% to US$2.5m in 2023, and is predicted to reach US$4m.

Response times to attacks are too long

In spite of the high levels of spending, detection and response times appear to be lagging. A staggering 76% of respondents claim that their organisations take an average of six months or more to detect and respond to an incident.

EY’s Global and Asia-Pacific Cybersecurity Consulting Leader, Richard Watson, says: “After all the time and money spent on cybersecurity, CISOs still feel very unprepared against cyber threats. 

“The levels of dissatisfaction are more worrying when seen in the context of increasing geopolitical instability, economic uncertainty and the rapid adoption of emerging technologies that will push the number of incidents to even higher levels and see cyber adversaries continually evolve.”

A more satisfied approach equates to fewer cyber incidents 

The study showed that the respondents who are more satisfied with their company’s approach to cybersecurity have certain characteristics, and have experienced fewer cyber incidents as they can detect, as well as respond, to incidents faster.

70% of these "Secure Creators" in the study identify as early adopters of emerging technology and focus on extracting maximum value from specific advanced solutions, notably artificial intelligence/machine learning (AI/ML) (62%) and Security, Orchestration, Automation and Response (SOAR) (52%). These technologies enable them to maintain a clear view of cybersecurity incidents, as well as have well-defined strategies for handling attacks.

Consequently, “Secure Creators” implemented a cybersecurity mindset and training from the C-suite down to the workforce. As a result, CISOs in these organisations say that their approach is more likely to have a positive impact on the speed of their transformation and innovation (56%), their ability to respond to market opportunities (58%), and their capacity to create value (63%).

Watson concludes: “When it comes to technology, the more clutter an organisation has in its armoury, the harder it is to pick up signals and get on top of issues quickly. CISOs should focus not on bolting on new technologies but integrating existing ones better. 

“Organisations are now inextricably and digitally linked to businesses in their supply chain. CISOs should champion thinning out supply chains, so they are dealing with fewer suppliers, and work to ensure that a cyber security lens is applied over them.

“It is the very scale and complexity of security measures and processes in an organisation that pose the greatest threat to efficient cybersecurity. Instilling a culture of being brilliant at the basics of cybersecurity across the organisation can prove to be the best defence.”


For more insights into the world of Cyber - check out the latest edition of Cyber Magazine and be sure to follow us on LinkedIn & Twitter.

Other magazines that may be of interest - Technology Magazine | AI Magazine.

Please also check out our upcoming event - Net Zero LIVE on 6 and 7 March 2024.  


BizClik is a global provider of B2B digital media platforms that cover Executive Communities for CEOs, CFOs, CMOs, Sustainability leaders, Procurement & Supply Chain leaders, Technology & AI leaders, Cyber leaders, FinTech & InsurTech leaders as well as covering industries such as Manufacturing, Mining, Energy, EV, Construction, Healthcare and Food.

BizClik – based in London, Dubai, and New York – offers services such as content creation, advertising & sponsorship solutions, webinars & events.


Featured Articles

How Microsoft Is Helping Rural Hospitals Get Cyber Secure

Microsoft is giving rural hospitals a hand to help them get their cybersecurity up to snuff to keep them running amid the rising attacks on healthcare

SpiceRAT: Cisco Talo Sound Alarm Over New Trojan

Remote Access Trojans are resurfacing, and Cisco Talo shows they are doing so with increased sophistication

CrowdStrike & HPE: Unifying IT and Security for Secure AI

CrowdStrike and HPE are joining to integrate their Falcon platform and GreenLake cloud and OpsRamp AIOps to give an overview of AI infrastructure

Zscaler and NVIDIA Join to Upskill Zero Trust with Gen AI

Network Security

Gigamon Sound Alarm on Cloud Security as Unseen Attacks Soar

Cloud Security

Helping APAC Curb the Threat of Cyber Attacks

Hacking & Malware