Earlier this year, we launched our global 2020 CISO Benchmark Report, based on a comprehensive survey of 2800 security leaders.
Yet while we’ve been digging into the detail, uncovering any UK specific differences, I’m faced with the dilemma of writing this with the hindsight that we’re now living through a global pandemic.
While the challenges CISOs now face remain similar to those of late last year, there are bound to be shifts in terms of prioritisation, key threats and timescales for getting projects completed.
With all that you’re now faced with to manage, how do you know what to focus on to stay secure? How do you cover your organisation from cyberattacks if you’re operating with a reduced staff?
We’ve highlighted these key UK stats so that you’re aware of what the main challenges/ successes are, in the hope that these insights will help you focus on what matters.
Phishing is the top UK attack type
No surprise here, with the top three – phishing, malware and malicious spam – interchanging over the years, and our intelligence teams seeing the nature of phishing attacks adapt to exploit our new reality. There is also a huge vulnerability with the various financial support programmes out there. Organisations and staff must therefore be ever more vigilant in identifying fraudulent email subject lines and fake websites.
More alerts but better remediation
26% of UK companies saw more than 50,000 alerts a day in 2019, compared with just 16% in the previous year. Yet despite this jump in volume, the percentage of alerts investigated remained consistent at 48%. Encouragingly, the number of remediated legitimate alerts increased from 39% to 47.5%.
More cyber fatigue, on average, than the rest of the world
We’ve also seen a strong correlation between alert volumes and the rate of cyber fatigue and burnout. Cyber fatigue affects 48% of UK respondents compared with 42% globally.
This could also be down to the scale of attacks experienced over here; 55% of companies experienced system outages of over 5 hours in 2019. The number of data records impacted by a breach has dramatically increased too – 30% of UK companies saw over 100,000 records affected compared with just 6% in 2018.
The pressure on CISOs and their teams is extreme at the best of times, but it’s important to consider the additional demands they’ve been hit with over the past few weeks:
- working through immediate move to remote set-ups
- increased attack surface
- physical security concerns
- more emotive based scams and personal strains.
It’s therefore crucial that teams are supported, to avoid burnout. We have some additional tips on supporting remote workers here.
Cross team collaboration
Collaboration between network and security teams remains high with over 91% of respondents saying they are very or extremely collaborative, and 87% reporting close cooperation between endpoint and security teams. Despite both dropping a couple of percentage points, the overall trend points to less likelihood of working in silos.
We encourage security leaders to embrace this positive trend.
Integration over latest tech
As for infrastructure, 53% of security professionals said they replace or upgrade their technology regularly. However only 40% said they were ‘very up-to-date’ and using the best technology available, compared with 52% globally.
We have definitely seen our customers’ priorities swing towards security systems and tools that can easily integrate and perform specific tasks, away from advanced technologies that are potentially underutilised due to their complexity.
Trust in Cloud
This is one area that may well have changed since the publication of our report, given our mass move towards remote working.
Since 2018, the belief that cloud solutions help organisations work more effectively than on premise had dropped from 93% to 81%, as UK organisations struggle to defend applications from cyberattacks compared with the rest of the world. Given that many are now relying heavily on cloud-based technologies and applications, organisations may have been forced to focus their attention on these.
What’s next?
We’ll be exploring all the areas I’ve touched on in more depth over the months ahead – but in the meantime, I’d recommend downloading the full global report here.
When we published this report, we had no idea what was in store and how swiftly and dramatically our lives would change. As for whatever happens next, it’s certainly going to be a challenging – and interesting – time for the world of security, and I for one am interested to see what the next report has in store.