Only two-fifths of UK IT leaders would feel confident in their ability to respond to a cyber incident today

New research from Rackspace Technology delves into the state of UK businesses’ cybersecurity strategies.

Only 47% of organisations feel confident in their understanding of the cybersecurity threat landscape for their business, according to new research from Rackspace Technology. In addition, only two fifths (39%) of UK businesses feel confident in their ability to respond to incidents today.

A look into the UK business cybersecurity landscape

Constantly evolving security threats and attack methods, as well as increasing attack opportunities as data volumes, digital operations and remote work continue to grow, are cited by three fifths (60%) of the UK’s IT leaders as the greatest cybersecurity challenges their organisation is currently facing.

In the face of this threat landscape, further concern is raised by the finding that more than half (53%) of IT decision makers don’t have the capability today to identify security incidents across multicloud environments, though they do feel confident they will have it in the next three years. When it comes to mitigating threats, only 38% of those surveyed feel confident in addressing them today, and only 36% feel assured in addressing regulatory compliance.

In relation to data, just two in five (41%) are currently confident in their ability to protect critical data and warehouses, with a further 45% believing they will reach that point in the next three years. And when it comes to assessing cybersecurity capabilities and needs on a periodic basis, only two in five (42%) felt comfortable in this area.

The talent and skills gaps

Contributing to or explaining some of the ongoing challenges, almost half (44%) of companies are finding it hard to retain and recruit cybersecurity talent, though a similar proportion (45%) are confident in their internal initiatives in terms of cybersecurity talent retention.

The cybersecurity skills touted as the most important were cloud security (42%) and data privacy and security (40%). Despite its importance, a third (32%) of companies feel the biggest cybersecurity skills gap is in relation to cloud security.

Addressing the cybersecurity gaps with third-party providers

In the face of staffing and skills concerns, more than half of UK businesses (55%) rely on in-house staff with some external third-party help. A similar number (56%) said they use up to five external partners to provide cybersecurity. When looking into the types of cybersecurity partner the businesses engage with, the most sought-after are Security Value Added Resellers (47%), Managed Security Service Providers (45%) and Managed Detection & Response Providers (41%).The top three areas of cybersecurity most likely to be handled by external partners are around integrated risk (44%), application security (44%) and data security (37%).

When asked to report their companies’ overall level of maturity in cloud security, 35% said they were at intermediate level, having to rely on third-party tools built for cloud security. An additional 32% described themselves as cloud-centric, meaning they use native tooling mixed with third-party tooling.

Andy Brierley, UK General Manager at Rackspace Technology, said: “Cybersecurity is one of the most important digital elements for UK businesses, but also the trickiest to address. This is particularly true due to the accelerated pace of digital transformation across key sectors.

“Given the current digital skills gap and ongoing recruitment challenges, it is important that businesses seek further support from third-party partners to help identify and address their weaknesses.

“Factors such as the evolving threat landscape, remote working conditions and talent shortages all feed into the varying security needs from one business to the next. What is increasingly clear is that few businesses have all bases covered – people, processes and technology in place – when it comes to a mature cybersecurity model. Working with a partner that can bring these specialist skills and tailor them to specific requirements is an increasingly popular and effective way to ensure and increase overall confidence in addressing cybersecurity needs.”

Research shows ‘game needs to be changed,’ with security innovation years behind that of the attackers, the board a decade behind security discussions and regulation needing more industry input.
Node4 has released its Mid-Market IT Priorities Report 2021. The independent report reveals that the UK’s Mid-Market IT Leadership expects to see a shortfall in IT spend in 2022. While 52% of IT decision-makers believe their 2021 budget met the ambitions of their team, there seems to be less certainty and confidence about future finances — 61% think their budget will need to increase in 2022, but only 13% expect it to.
Atos has launched Atos OneCloud Sovereign Shield, a set of solutions, methodologies, and operational cloud services that is unique on the market, enabling clients across the world to meet the challenges of managing their data in the edge to cloud continuum, in line with the highest jurisdictional data governance requirements. Part of the Atos' OneCloud initiative, Atos OneCloud Sovereign Shield is a comprehensive edge to cloud platform ecosystem and highly secure service that improves the level of control clients have over the data they produce and exchange, helping them regain control and effectively deal with legal dependencies.
New distribution agreement set to bolster Westcon-Comstor’s Zero Trust offering in more markets across Europe with further expansion into APAC planned.
Research from Avast has found that employees in almost a third (31%) of Small and Medium Businesses (SMBs) in the UK are connecting to the corporate network using personal devices that do not have any security controls in place, according to IT Decision Makers (ITDMs) within SMBs.
This year, over half of MSPs or their end customers have been attacked by ransomware but only 53% offer backup services.
Trend Micro has published new research revealing that 90% of IT decision makers claim their business would be willing to compromise on cybersecurity in favor of digital transformation, productivity, or other goals. Additionally, 82% have felt pressured to downplay the severity of cyber risks to their board.
Cyber consultants call on businesses to act now, or risk budgets shrinking further in ‘real terms’ during 2022 – leading to increased cyber vulnerability.