Globally, only 65% organisations have cybersecurity experts
New Delhi: Only 65 per cent organisations globally have a cybersecurity expert even as 95 per cent of Chief Information Officers (CIOs) expect cyber threats to increase over the next three years, a report said on Tuesday.
According to market research firm Gartner's "2018 CIO Agenda Survey," skills challenges continue to plague organisations that undergo digitalisation, with digital security staffing shortages considered a top inhibitor to innovation.
"In a twisted way, many cybercriminals are digital pioneers, finding ways to leverage big data and web-scale techniques to stage attacks and steal data," Rob McMillan, Research Director at Gartner, said in a statement.
The firm gathered data from 3,160 CIO respondents in 98 countries and across major industries, representing approximately $13 trillion in revenue/public sector budgets and $277 billion in IT spending.
"CIOs can't protect their organisations from everything, so they need to create a sustainable set of controls that balances their need to protect their business with their need to run it," McMillan added.
Thirty five per cent of survey respondents indicated that their organisation has already invested in and deployed some aspect of digital security, while an additional 36 per cent are actively experimenting or planning to implement in the short term.
According to Gartner, 60 per cent of security budgets will be in support of detection and response capabilities by 2020.
The findings showed that many CIOs consider growth and market share as the top-ranked business priority for 2018.
"The bad news is that cybersecurity threats will affect more enterprises in more diverse ways that are difficult to anticipate," McMillan said.
While most organisations have a role dedicated to cybersecurity expertise, and therefore appreciate its needs, the cybersecurity skills shortage continues.
The research firm recommends that chief information security officers (CISOs) continue to build bench strength through innovative approaches to developing the security team's capabilities.