Nine in 10 of IT leaders have said that the risk and severity of cyber-attacks has increased over the past year, while 61% believe the attack surface is now ‘impossible to control’, according to a new report from Appsbroker CTS.
The report, titled Tipping the cyber scales: How defenders can get back in the game, found that the top five threats IT leaders are concerned about include:
- Being hit by a malware, ransomware or phishing attack that halts their ability to operate
- Lack of visibility around unknown security risks
- Threat actors stealing identities to access privileged systems and data
- Misconfigurations leaving systems open to attack
- Having to patch and rewrite vulnerable applications
Emerging technologies like GenAI will change the game when it comes to cyber-attacks, according to 79% of those questioned, which leaves them unprepared for some cybersecurity challenges. This figure rises to 94% for those in the public sector.
Cybersecurity Investment Having Little Impact
Cybersecurity investment has increased, according to 97% of leaders. However, many of those surveyed felt like this investment is failing to make the right impact. Over half (55%) said they felt less secure today than a year ago.
A total of 57% said they felt that cybercriminals will continue “winning” regardless of investment and 61% said that the attack surface is impossible to control.
“As cyber-attacks become more frequent, advanced and insidious, continually evolving, your cybersecurity measures are the only way to protect against an ever-changing threat. This starts with knowing which investments are having the biggest impact on reducing the attack surface and mitigating risk,” commented Ed Russell, CISO Business Manager at Appsbroker CTS.
Governance and Controls Lacking
The report also highlighted that many businesses lack the lack the governance, processes and controls to protect their data.
An inability to apply governance, policies and controls across environments means security is applied inconsistently, according to 67% of IT leaders surveyed. Moreover, 71% say a lack of access and control over data is opening them up to security risks.
“In a bid to shift the balance, 53% of organizations have implemented at least some Zero Trust controls,” Russell said.
“However, several barriers exist that prevent businesses from applying Zero Trust consistently across all environments – with the top five being: cost, legacy integrations, complexity and size of organization, lack of resources, and a lack of skills and understanding.”
Appsbroker CTS worked with independent surveyor Sapio Research to survey 150 UK IT decision makers, working in organizations with 500+ employees. The interviews were conducted online by Sapio in September 2023, using an email invitation and an online survey.