The latest edition of our annual Voice of SecOps Report shines a spotlight on the mounting pressures that senior cybersecurity leaders and practitioners are experiencing – stress that is causing nearly half of SecOps professionals to consider leaving the industry entirely.
Now in its third iteration, the global research study summarizes the findings of 1,000 respondents across the US, UK, Germany, and France. The core market verticals remain consistent with previous studies and include financial services, retail & eCommerce, healthcare, manufacturing, public sector, critical infrastructure, and technology/related advisory businesses.
Adopting a less technical and more human-centric lens, many of the major themes are centered on relative levels of stress between middle and upper cybersecurity management – highlighting the disconnects that are present between these tiers.
Certain cybersecurity teams, for example, see themselves in an unenviable position of being expected to stop every threat yet knowing this is an impossible expectation. Meanwhile, the C-Suite are focused on prioritizing security with a hybrid and remote workforce and ensuring continuity and threat mitigation in their ongoing digital transformation.
Several key highlights include the following:
- SecOps professionals are near a breaking point. Nearly half of respondents admitted to considering leaving the security industry as a result of high stress levels.
- Ransomware remains a top concern of SecOps professionals. 48% of respondents cite ransomware as a top stressor.
- Paying ransoms ≠ problem solved. When ransoms have been paid, things rarely went “back to normal” – in fact, only 16% of respondents had no further issues after paying a ransom post-attack.
The highly divergent pressures experienced by different management tiers is particularly illuminating, underscoring the need to take a nuanced approach to the unique challenges senior management face compared to SecOps practitioners. In parallel, the study looks at stresses caused by various types of attacks, and which are feared the most, such as supply chain, machine learning-driven, ransomware, fileless, and nation state threats.
The willingness to pay a ransom demand varies somewhat with our recently published UK-only CFO study, but nonetheless reveals that at least one-third of respondents are willing to settle in return for a decryption key and exfiltrated data – despite this rarely being a “cure-all” to their ransomware issues. In addition, our research found that false positive alerts are rising with the sheer number of these notifications leading some SecOps teams to turn off alerts altogether because they are “too noisy” – a worrying state of affairs.
However, our research finds there is light at the end of the tunnel.
SecOps leaders and practitioners were optimistic about the impact new solutions will have on reduced alert volumes as well as benefits such as lowered business risk and improved data protection. Preventing advanced threats at the outset also was intriguing to many respondents with one CISO for a network of U.S. healthcare centres observing, “Prevention-first makes so much sense to me. I need something that prevents a malware file being downloaded, rather than something that tells me a file’s been downloaded after the event.”
Download the Voice of SecOps 3rd Edition in infographic and full report form to get the full picture of our findings.