Lack of Responsibility and 24/7 Staffing Concern UK Cyber Professionals

share
Header image

Lack of Responsibility and 24/7 Staffing Concern UK Cyber Professionals

share

Only a third have what they feel is sufficient staffing for full time coverage.


According to research from Trend Micro, UK organisations lack sufficient resources and leadership buy-in to measure and mitigate risk across their digital attack surface.

The survey of 100 UK cybersecurity leaders found the top three gaps in cyber-resilience revealed by respondents were:

  • Sufficient staffing for 24x7x365 cybersecurity coverage – which 31% have

  • Attack surface management techniques to measure the risk of the attack surface (used by 32%)

  • Using proven regulatory and other frameworks like the NIST Cybersecurity Framework (34%)

Also, 48% of global respondents claimed that their leadership doesn’t consider cybersecurity to be their responsibility and when asked who does or should hold responsibility for mitigating business risk, respondents returned a variety of answers, indicating a lack of clarity on reporting lines. A quarter (25%) of UK respondents said the buck stops with organisational IT teams.

Bharat Mistry, technical director at Trend Micro said: “A lack of clear leadership on cybersecurity can have a paralyzing effect on an organisation - leading to reactive, piecemeal and erratic decision making.

“Companies need CISOs to clearly communicate in terms of business risk to engage their boards. Ideally, they should have a single source of truth across the attack surface from which to share updates with the board, continually monitor risk, and automatically remediate issues for enhanced cyber-resilience.”


Written by
Dan Raywood Senior Editor SC Media UK

Dan Raywood is a B2B journalist with more than 20 years of experience, including covering cybersecurity for the past 16 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.

He has spoken at events including 44CON, Infosecurity Europe, RANT Conference, BSides Scotland, Steelcon and ESET Security Days.

Outside work, Dan enjoys supporting Tottenham Hotspur, managing mischievous cats, and sampling craft beers.

Detection and Response Published: 19 September Written by
Dan Raywood Senior Editor SC Media UK

Dan Raywood is a B2B journalist with more than 20 years of experience, including covering cybersecurity for the past 16 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.

He has spoken at events including 44CON, Infosecurity Europe, RANT Conference, BSides Scotland, Steelcon and ESET Security Days.

Outside work, Dan enjoys supporting Tottenham Hotspur, managing mischievous cats, and sampling craft beers.

Related content

Incident Response: What To Do In A Worst-Case Scenario

Incident Response: What To Do In A Worst-Case Scenario

 Half of UK Cyber Teams Not Reporting Incidents

Half of UK Cyber Teams Not Reporting Incidents

 SolarWinds Issues Fixes For Flaws

SolarWinds Issues Fixes For Flaws
Increase in Number of Large Enterprises Spotting Attacks

Increase in Number of Large Enterprises Spotting Attacks

 AT&T to Pay $13 Million over 2023 Breach

AT&T to Pay $13 Million over 2023 Breach

 Google Cloud Document AI Flaw Could Allow Theft

Google Cloud Document AI Flaw Could Allow Theft
UK Government: Demand for Cybersecurity Professionals Falls

UK Government: Demand for Cybersecurity Professionals Falls

Upcoming Events

24
Oct
Webinar

Securing Data in the Cloud: Advanced Strategies for Cloud Application Security

Discussing the current trends in cloud security, focusing on the challenges of hybrid environments

In this live webinar, join security specialists from OPSWAT to discuss the current trends in cloud security, focusing on the challenges of hybrid environments, including diminished visibility and weakened threat detection.

image image
Find out more chevron_right