“The State of the Security Team 2022: Can Security Teams Meet Stakeholders’ Requirements? reveals a significant improvement in leadership teams’ understanding of the importance of cybersecurity; and stronger alignment between executive leadership and their security teams.
The report also observed participating APAC businesses have a stronger cybersecurity posture compared to the global average when it comes to implementing effective cybersecurity solutions, having a real-time, consolidated view of their security solutions, and having enough executive support.
93% of APAC businesses reported that their company’s security strategy and practices must now align with customers’ security policies and standards. Partners also exert a new level of due diligence, with 88% of APAC respondents sharing that their company must provide proof of meeting partners’ security requirements.
Cybersecurity has thus become a make-or-break factor for business growth, with 73% of professionals having lost a deal due to the customer’s lack of confidence in their company's security strategy.
The direct impact of cybersecurity preparedness has significantly boosted executive buy-in, with 88% in APAC now receiving enough support around budget, strategic vision and buy-in, suggesting an improvement in understanding between executive leadership and their security teams.
This is a marked improvement from LogRhythm’s initial report in 2020, where the same figure stood at 43%.
In addition, almost all (94%) security teams in APAC have provided reports directly to their CEO, with regard to security matters such as an incident explanation or issue resolution, higher than the global figure (88%).
“Cybersecurity is increasingly a business imperative in APAC, given the growing complexity and severity of cyberattacks facing organisations in the region,” said Joanne Wong, vice president, of international markets of LogRhythm.
“Having executive leadership buy-in on cybersecurity investments will play a crucial role in building a strong cybersecurity posture, to help businesses confidently navigate the challenges in an ever-evolving threat landscape.”Joanne Wong
APAC saw one of the largest cybersecurity talent gaps worldwide in 2022, with 60% of organisations in the region reporting a shortage in their cybersecurity workforce.
The growing cybersecurity talent shortage, combined with employee turnovers, means that security teams are feeling the pinch.
Consequently, 79% of APAC respondents, regardless of their role, agreed that employee turnover reduces the effectiveness of their security teams.
The research also found that work-related stress became prevalent for APAC security teams in the last two years, with 67% reporting an increase in work-related stress levels, indicating many companies may be trying to do more with less, amidst budget constraints.
The leading stressors for APAC security teams include increased regulations, retaining security resources and talent, as well a lack of cybersecurity expertise among team members. When asked what would help alleviate their stress, hiring of more experienced security team members and increasing the security budget came out on top.
Despite this, the research highlighted that the region has seen a higher rate of employer satisfaction, with up to 94% of company executives happy with the security team’s performance in the last 18 months — 7% higher than the global average.
Alleviating the talent crunch
With many companies using overlapping solutions, driving product efficiencies will be crucial in alleviating the talent crunch.
Notably, the research noted that 87% of APAC companies have an increasing trend of overlapping security solutions. With half of this overlap being accidental, security teams face additional work to deploy and maintain duplicative tools, which can be particularly frustrating as these efforts won’t necessarily yield better security defences or improve response times.
With the talent crunch in cybersecurity set to persist for years to come, streamlining and enabling greater efficiency across solutions will be a key strategy for companies looking to mitigate the cyber risks brought about by a shortage of manpower.
Indeed, when security experts were asked directly about the benefits of integrated security tools, they responded with faster security issue notification, identification, and resolution, delivering an overall improved security posture. In short, consolidated security tools lead to faster issue detection, identification, and resolution, yielding improved security posture.
The risks associated with the talent crunch in cybersecurity are compounded by the increasing complexity of cyber threats globally, and the proliferation of threat actors. In this landscape, executives need to pay more attention to the priorities of frontline security professionals and focus on consolidation, training, and staff retention, as well as ensure that teams are armed with the appropriate resources to meet both external stakeholder and regulatory compliance requirements.