UPDATED 08:00 EDT / APRIL 12 2023

Cybersecurity teams struggle to monitor vulnerabilities amid budget cuts and layoffs

Penetration testing-as-a-service company Cobalt Labs Inc. detailed in a new report today the impact of budget cuts and talent shortages in the cybersecurity industry, and it’s not good news: Cyber teams are struggling to manage the remediation process and monitor for vulnerabilities.

Cobalt’s fifth annual State of Pentesting Report found that budget cuts and talent shortages are leaving organizations at a higher risk of security breaches. Macroeconomic shifts were found to be affecting organizations’ security standards across the U.S., Europe, the Middle East and Africa.

Job cuts in cybersecurity were not found to be evenly distributed, with more than half (63%) of U.S. cybersecurity professionals reporting that their department’s budget had been cut in 2023, compared with only 28% of their EMEA counterparts. Two-thirds of U.S. companies and 61% in EMEA were also found to have slowed down recruitment for cybersecurity staff.

A reduction in staff numbers and replacements was also found to be causing “cybersecurity burnout” that could push workers to quit. Of those who have encountered layoffs or budget cuts, almost all — 95% in the U.S. and 84% in EMEA — said their roles had changed in the last year. More than 60% of cybersecurity professionals in the U.S. and 29% in EMEA said that, as a consequence, they are feeling burned out.

Half of U.S. respondents and 20% in EMEA said they would consider quitting their jobs if their organizations did not address their burnout.

Lack of staff equals lack of attention, with 79% of U.S. cybersecurity professionals and 66% in EMEA admitting to deprioritizing responsibilities, leading to a backlog of unaddressed vulnerabilities. Close to three-quarters in the U.S. and 58% in EMEA said they now struggle to monitor and respond to vulnerabilities.

Other findings in the report include server security misconfigurations cited as the most commonly discovered security vulnerability at 40%, followed by cross-site scripting at 12%, sensitive data exposure at 10%, broken access control also at 10%, and authentication and sessions at 9%.

Alongside the report, Cobalt has released a new Pentest Management Platform to increase the efficiency and quality of pentesting programs. The platform enables in-house security teams, managed service providers and outsourced security teams to cover the entire lifecycle of a pentest, from planning, launching and collaborating on tests to writing reports, tracking vulnerabilities and making remediation efforts.
