(Source – Shutterstock)

Skills shortage, burnout can lead to increased cyberattacks

Cyberattacks are still happening with no signs of slowing down. Companies have invested a lot in various security protections, but according to the State of Security 2022 report by Splunk, 65% of respondents say they have seen an increase in attempted cyberattacks.

The report from the data platform company also showed that many have been directly impacted by data breaches and costly ransomware attacks, which have left security teams exhausted. In fact, the report showed that nearly half (49%) of organizations say they have suffered a data breach over the past two years.

The global research shows which also included respondents from Singapore showed that nearly two-thirds of organizations have seen an increase in cyberattacks, while teams are facing widening talent gaps.

Skills shortage in Singapore remains the biggest challenge in Singapore despite reporting fewer cybersecurity incidents compared to other countries. Organizations in Singapore were less likely to report several cybersecurity incidents such as DDoS attacks, fraudulent websites, and software supply chain attacks.

Interestingly, Singapore-based respondents also reported that their organizations are more resilient when it comes to downtime. Only 2% reported outages to apps tied to security incidents on a weekly basis, compared to 22% as shared by their peers globally.

However, when it comes to cybersecurity skills shortages, hiring and retention were the biggest factors, with 44% of Singapore organizations reporting that as key challenges, compared to 22% shared by their peers across the globe. Also, organizations in Singapore are more hesitant in their approach to the cloud. While 40% of their peers globally have a cloud-first policy, just 22% of respondents in Singapore do.

Globally, 59% of security teams say they had to devote significant time and resources to remediation, while 54% of respondents report that their business-critical applications have suffered from unplanned outages related to cybersecurity incidents on at least a monthly basis, with a median of 12 outages per year, which can cost up to US$ 200,000 per hour in losses.

Should organizations focus on cyberattacks or increasing security workforce?

According to Ryan Kovar, Distinguished Security Strategist at Splunk, the survey has revealed that organizations are deeply concerned about supply chain attacks, especially after the SolarWinds hacks of 2020 and the Log4Shell incident in late 2021.

“90% of organizations reported that they have increased their focus on third-party risk assessments as a result of those high-profile attacks. In my 20 years in IT security, I’ve never seen software supply chain threats given this level of visibility. Unfortunately, this will only increase the already intense pressure security teams face,” explained Kovar.

With the skills shortage in cybersecurity being a global problem as well, the workload on existing cybersecurity teams has also increased with 76% of IT teams having to take on responsibilities they are not ready for. What’s more concerning is that 73% of respondents say that workers have resigned, citing burnout.

Jane Wong, Vice President of Security Products at Splunk pointed out that while the report has revealed the challenges security professionals face, there are steps that can be taken to alleviate these issues.

“One positive sign is that over two-thirds (67%) of organizations are actively investing in technologies designed for advanced analytics and security operations automation. Automation is critical to help reduce the time it takes to respond to attacks, and these technologies should focus on assisting our human analysts, not replacing them. This can mean fewer tools, not more,” Wong commented.

For example, Wong highlighted that a platform approach can make it easier for security teams to take action on complex threats, while the basic stuff is remediated at machine speed. The result should be less sense of being overwhelmed and less analyst burnout but also reduced dwell time if the organization has been breached.