Cyber security consultancy S-RM has revealed in its Cyber Security Insights Report that there has been a drop in concern around the cyber security threats posed by hybrid working. However, a significant proportion (35%) of IT leaders say they are concerned over a cyber skills gap among employees.
The report, which draws on data from 600 C-suite and IT budget holders from organisations with revenue over USD $500m, found that 37% of organisations reported concerns around hybrid working – a drop from 46% in 2021. This may be in part due to growing awareness of cyber security threats among employees. When asked about the biggest cyber security challenges their organisation faced, just 31% of respondents ‘perceived lack of importance from employees in 2022’. While there is still a way to go, this figure is down from 36% in 2021.
Despite growing awareness among employees, the cyber skills gap still remains an area of vulnerability. Over a third of senior IT leaders and C-suite holders in 2022 (35%) highlighted a lack of cyber skills and expertise as a key challenge facing their business when it comes to cyber security defence and incident management – a figure that rose to 42% within the financial services industry. These statistics support the ongoing industry discussion about the difficulties of attracting and retaining the best talent.
The report also illustrated that businesses with more mature cyber security policies prioritise different challenges than less experienced companies. Businesses where senior leaders viewed the company’s cyber security as ‘very mature’ were more likely to consider compliance and unsophisticated or outdated cyber security tools as their key challenges (37% and 33%).
Comparatively, companies describing themselves as ‘somewhat mature’ were less likely to identify these as key challenges (25% and 26%) but rather identified a lack of skills and expertise (38%) as well as a lack of internal training (33%) as their main issues to their business – highlighting again the worries over the skills gap amongst decision makers.
Jamie Smith, Board Director at S-RM said:“While we have found that more companies are now adjusting to hybrid working and viewing it as less of a risk, it is clear that cyber security challenges are continuously evolving and 2023 will bring fresh risks to consider. One of the biggest protective measures companies can take over cyber security threats is to build a resilient workforce, and a positive takeaway from our report is that we are seeing more employees take more notice of security threats.”
Paul Caron, Head of Cyber Security, at S-RM said: “Our report finds some great progress in cyber security maturity across a slew of industries but there is still a significant skills gap evident in the workforce. This is a perennial problem for the sector: how to attract and retain the best talent, to win the knowledge, skills, and technology arms race between threat actors and private businesses. It is crucial, for businesses to continue to invest in high quality cyber security training in order to both attract this talent and firm up their own defences by closing this skills gap.”
Further detail on the full report can be accessed on the S-RM website, here