Organisations search for quick wins as burden placed on teams deepens the skills gap, but are unlikely to see any value from new cybersecurity implementations for a year.
An overwhelming 95% of IT leaders in the UK and Ireland say stress impacts their staff retention. This is exacerbating the talent shortage within the industry, with 41% of businesses citing a lack of skilled personnel as the main challenge in managing and responding to cyberthreats, according to research from cybersecurity leader, SenseOn.
The research, which surveyed 250 heads of IT at UK&I companies with more than 500 employees also found, perhaps unsurprisingly, that IT leaders are looking to technology to help solve this problem. But many appear to be searching for a quick-fix solution, rather than a lasting and effective partner.
When looking to adopt new cybersecurity solutions, two-in-five (42%) businesses say ‘ease of implementation’ is one of their top considerations – coming out above both cost and vendor reputation.
However, the findings also highlight that the implementation of new technology takes on average up to six months, with a further six months spent on training staff to use the tool, increasing the burden on teams that are already under significant pressure. Almost two-thirds (64%) of respondents admit they could have spent this time more productively by spending more time researching new cybersecurity tools.
Therefore, rather than helping to solve the challenges and stress being faced by cybersecurity professionals, this approach may be adding to the problem and lead to regret among IT leaders who are buying point products to resolve isolated cybersecurity issues, rather than looking at the bigger picture. On top of this, more than a quarter (27%) of organisations don’t have a threat detection and response solution in operation, leaving them vulnerable to cybersecurity threats and open to risk.
“Too often, organisations buy new cybersecurity solutions as a knee jerk reaction to issues like growing cyberthreats or stress among their IT teams,” said David Atkinson, CEO, SenseOn. “But they’re not thinking about the value they will provide in both the short-and long-term, and the broader implications.
“What they really need to do is take a more measured approach, consolidating the cyber stack to better make sense of the data, and reduce alert fatigue and stress,” added Atkinson. “In doing so, they will also alleviate the pressure on IT and security professionals and help to improve staff retention. After all, more tools don’t equate to increased security, in fact it can create extra vulnerabilities and add to the pressure on employees.”