Eyes wide open

IT and security leaders across industry feel less secure now than they did a year ago, with 79% believing that emerging technologies like GenAI will ‘change the game’, leaving them unprepared. These are just two of the key findings of a new report by Google Cloud transformation partner, Appsbroker CTS.

The report, which surveyed more than 150 IT and security decision-makers across multiple sectors, revealed that a large number of leaders are now feeling overwhelmed by the challenge of securing their business in the face of rising threats.

The top five threats keeping IT leaders awake at night, as revealed by the report titled Tipping the cyber scales: How defenders can get back in the game, are as follows:

Being hit by a malware, ransomware or phishing attack that halts their ability to operate.

Lack of visibility around unknown security risks.

Threat actors stealing identities to access privileged systems and data.

Misconfigurations leaving systems open to attack.

Having to patch and rewrite vulnerable applications.

Across all sectors, there was a general perception that the cost of cyber attacks is outstripping investment in cyber security. 97% of IT leaders have increased cyber security investment, but many feel it’s failing to make the right impact, with 55% feeling less secure today than a year ago. 61% of IT leaders lack confidence that their level of cyber investment will be enough to reduce their overall risk.

Perhaps most worryingly, 61% of the leaders we surveyed said the attack surface is ‘impossible to control’ with 57% feeling that cyber criminals will keep on winning regardless of cyber investment.

While many IT leaders are excited about the potential of transformative technologies like GenAI, 79% worry that GenAI will ‘change the game’, leaving them feeling unprepared.

Ed Russell, CISO Business Manager at Appsbroker & CTS, comments:

 “As cyber attacks become more frequent, advanced and insidious, continually evolving your cybersecurity measures is the only way to protect against an ever-changing threat. This starts with knowing which investments are having the biggest impact on reducing the attack surface and mitigating risk.

Yet many businesses lack the tools and visibility needed to continuously monitor, test, measure and benchmark their security posture. Without this insight, it's impossible to know if investments are being directed to the right areas, or if existing defences are effective. Cloud and GenAI have a crucial role to play here, offering new opportunities for businesses to take a secure by design approach that can help to tip the cyber security scales back in their favour.”

Ultimately, all roads lead back to data. Yet, as the report highlights, many businesses lack the governance, processes and controls to protect this digital crown jewel. 67% of IT leaders surveyed say their inability to apply governance, policies and controls across environments means security is applied inconsistently. Moreover, 71% say a lack of access and control over data is opening them up to security risks.

In a bid to shift the balance, 53% of organisations have implemented at least some Zero Trust controls. However, several barriers exist that prevent businesses from applying Zero Trust consistently across all environments – with the top five being: cost, legacy integrations, complexity and size of organisation, lack of resources, and a lack of skills and understanding.