An overwhelming 95% of IT leaders in the UK and Ireland say stress impacts their staff retention. This is exacerbating the talent shortage within the industry, with 41% of businesses citing a lack of skilled personnel as the main challenge in managing and responding to cyber threats, according to research from cybersecurity leader SenseOn.
The research, which surveyed 250 Heads of IT at UK&I companies with more than 500 employees also found, perhaps unsurprisingly, that IT leaders are looking to technology to help solve this problem. But many appear to be searching for a quick-fix solution, rather than a lasting and effective partner. For example, more than half (56%) of organisations bought new cyber tools as a direct result of the SolarWinds security breach.
When looking to adopt new cybersecurity solutions, two in five (42%) businesses say ‘ease of implementation’ is one of their top considerations – coming out above both cost and vendor reputation.
However, the findings also highlight that the implementation of new technology takes on average up to six months, with a further six months spent on training staff to use the tool, increasing the burden on teams that are already under significant pressure. Almost two-thirds (64%) of respondents admit they could have spent this time more productively by spending more time researching new cybersecurity tools.
Therefore, rather than helping to solve the challenges and stress being faced by cybersecurity professionals, this approach may be adding to the problem and lead to regret among IT leaders who are buying point products to resolve isolated cybersecurity issues, rather than looking at the bigger picture. On top of this, more than a quarter (27%) of organisations don’t have a threat detection and response solution in operation, leaving them vulnerable to cybersecurity threats and open to risk.
David Atkinson, CEO, SenseOn, commented, “Too often, organisations buy new cybersecurity solutions as a knee jerk reaction to issues like growing cyber threats or stress among their IT teams. But they’re not thinking about the value they will provide in both the short-and long-term, and the broader implications.
“What they really need to do is take a more measured approach, consolidating the cyber stack to better make sense of the data, and reduce alert fatigue and stress. In doing so, they will also alleviate the pressure on IT and security professionals and help to improve staff retention. After all, more tools don’t equate to increased security, in fact it can create extra vulnerabilities and add to the pressure on employees.”
