Provided by: RS Risk Solutions
Amount of IT Budget Spent on Cyber Security Insufficient, Report Finds
More than half (53%) of organisations report that cyber security threats are their number one concern, more so than financial and operational risks. Yet on average just 11% of companies IT budgets are currently dedicated to security, which could leave organisations exposed.
Report Findings Explained
2,500 IT and business leaders across the UK, US and Australia were surveyed to uncover the complex threats preventing organisations from building consumer trust.
According to the survey, 55% of organisations think the risks they face have never been higher, and 53% say that cyber security threats are their number one concern. Other findings included the following:
• Fifty per cent of organisations reported detecting and responding to cyber security threats at least once a week.
• Forty six per cent of organisations reported that one of their vendors had experienced a data breach since they began working together.
• Fifty one per cent of organisations reported being concerned about the risks that artificial intelligence (AI) poses to their security.
• Sixty five per cent or organisations reported that customers, suppliers and investors now require more proof of security compliance.
Despite these concerning statistics, organisations aren’t investing sufficiently in cyber security, according to the survey. In fact on average only 11% of companies IT budgets are earmarked for cyber security, in an ideal world this would be 17%. Compounding the problem, 11% of organisations have decreased their investment in hiring cyber security staff due to budget constraints and talent shortages.
The survey asserted that AI could be the key to unlocking IT security team efficiencies. For instance organisations spend six hours per working week on vendor security reviews. AI could streamline vendor risk reviews and eliminate other manual tasks. However, the need for AI governance to ensure compliance with data collection regulations remains imperative. Only 36% or organisations are in the process of putting a company AI policy in place despite the increased use of AI tools.
Next Steps
According to the survey, outdated processes and legacy solutions relying on manual updates are leaving organisations with insufficient visibility into their security posture. To keep pace with evolving threats to maintain consumer trust, organisations must “go beyond the standard way of doing things” Organisations can strengthen their security posture in the wake of evolving threats by automating key work flows, adopting a zero trust security model, and ensuring continuous monitoring of security and compliance.
In addition cyber insurance can help financially protect organisations from the devastating consequences of evolving cyber threats. Contact us today for additional guidance and insurance solutions.