Fragmented cybersecurity vendor landscape is exacerbating risks and compounding skills shortages

The majority of large enterprises spend an average of 3-5 months integrating and training teams on each new security solution - at the expense of threat hunting, vulnerability scanning and security awareness training.

  • Thursday, 8th February 2024 Posted 10 months ago in by Phil Alsop

Attitudes to cybersecurity within the UK's largest organisations are highly contradictory and risk exacerbating existing risks, stress, and inefficiency, new research from SenseOn has revealed. The research - which was conducted by OnePoll and surveyed 250 IT and Security decision makers at UK and Irish companies with more than 250 people - uncovered that the vast majority still subscribe to the belief that 'the more cybersecurity tools you purchase the more protected you are', despite new tools taking an average of 2.4 months to adopt, taking away from other critical activity including threat hunting and security awareness training. The study also found that two thirds of respondents from the largest organisations (5,000-10,000 employees) see third party risk as a primary challenge, presenting a further contradiction to the perception that more tools improves security.

This speaks to a security ecosystem where organisations feel compelled to buy tools to feel better protected, only to find themselves concerned about the necessary exposure of having more suppliers and vendors, and with months in cybersecurity limbo, dedicating even more time to adopting the new tools, rather than using them.

The problem of new tools being hailed as a solution to security problems is further compounded by a chronic lack of staff to adopt - and subsequently manage - these tools. At a time when security professionals are already overwhelmed and under-resourced, new tools can place additional demands on already stretched teams.

Corresponding to this narrative, the same poll of security professionals also found that 95% of respondents believe that stress is impacting staff retention in their organisation. When polled on what technologies would reduce this stress, 83% of respondents highlighted ‘tools that use AI to automate security activity’ and 81% opted for security awareness training.

“The research supports something lots of people working in the industry already know: Cybersecurity is broken.” said David Atkinson, Founder and CEO of SenseOn. “Such a large majority of security leaders reporting their companies reliance on tools in place of a security strategy is a huge concern.

“The tools they are purchasing are expensive, time-consuming to launch, and are not built to integrate with each other. This means that despite spending huge amounts of time and money on them, they do not make an organisation safer - particularly when considering the justified concerns many of these leaders share regarding their supply chain risks.Companies should look to solve these issues by partnering with vendors that can unify multiple security disciplines under a single unified product, which can reduce costs, blindspots, and alleviate much of the stress security teams are currently experiencing.” 

Beacon, NY, Dec 20, 2024– DocuWare unveils its AI-powered Intelligent Document Processing (DocuWare IDP), bringing about unprecedented improvements...
85% of IT decision makers surveyed reported progress in their companies’ 2024 AI strategy, with 47% saying they have already achieved positive ROI.

MSPs will invest in more AI security forecasting

Posted 5 days ago by Phil Alsop
Predictive maintenance and forecasting for security and failures will be a growing area for MSPs with an interest in security, says Nicole Reineke,...

Machine identities next big target for cyberattacks

Posted 6 days ago by Phil Alsop
Venafi has published the findings of its latest research report: The Impact of Machine Identities on the State of Cloud Native Security in 2024....
Nearly 50% of organisations have experienced a security breach in the last two years.

IT professionals recognise lack of gender diversity

Posted 1 week ago by Phil Alsop
The majority (87 percent) of IT professionals agree that there is a lack of gender diversity in the sector, yet less than half (41 percent) of...

A moving landscape for MSPs

Posted 1 week ago by Phil Alsop
2025 predictions from Ranjan Singh, chief product officer at Kaseya.

Data breach epidemic takes its toll

Posted 1 week ago by Phil Alsop
New study by Splunk shows that a significant number of UK CISOs are stressed, tired, and aren’t getting adequate time to relax.