UPDATED 08:00 EST / APRIL 12 2023

SECURITY

Cybersecurity teams struggle to monitor vulnerabilities amid budget cuts and layoffs

Penetration testing-as-a-service company Cobalt Labs Inc. detailed in a new report today the impact of budget cuts and talent shortages in the cybersecurity industry, and it’s not good news: Cyber teams are struggling to manage the remediation process and monitor for vulnerabilities.

Cobalt’s fifth annual State of Pentesting Report found that budget cuts and talent shortages are leaving organizations at a higher risk of security breaches. Macroeconomic shifts were found to be affecting organizations’ security standards across the U.S., Europe, the Middle East and Africa.

Job cuts in cybersecurity were not found to be evenly distributed, with more than half (63%) of U.S. cybersecurity professionals reporting that their department’s budget had been cut in 2023, compared with only 28% of their EMEA counterparts. Two-thirds of U.S. companies and 61% in EMEA were also found to have slowed down recruitment for cybersecurity staff.

A reduction in staff numbers and replacements was also found to be causing “cybersecurity burnout” that could push workers to quit. Of those who have encountered layoffs or budget cuts, almost all — 95% in the U.S. and 84% in EMEA — said their roles had changed in the last year. More than 60% of cybersecurity professionals in the U.S. and 29% in EMEA said that, as a consequence, they are feeling burned out.

Half of U.S. respondents and 20% in EMEA said they would consider quitting their jobs if their organizations did not address their burnout.

Lack of staff equals lack of attention, with 79% of U.S. cybersecurity professionals and 66% in EMEA admitting to deprioritizing responsibilities, leading to a backlog of unaddressed vulnerabilities. Close to three-quarters in the U.S. and 58% in EMEA said they now struggle to monitor and respond to vulnerabilities.

Other findings in the report include server security misconfigurations cited as the most commonly discovered security vulnerability at 40%, followed by cross-site scripting at 12%, sensitive data exposure at 10%, broken access control also at 10%, and authentication and sessions at 9%.

Alongside the report, Cobalt has released a new Pentest Management Platform to increase the efficiency and quality of pentesting programs. The platform enables in-house security teams, managed service providers and outsourced security teams to cover the entire lifecycle of a pentest, from planning, launching and collaborating on tests to writing reports, tracking vulnerabilities and making remediation efforts.
