Almost 50% of organizations plan to reduce cybersecurity headcounts: Survey
Even as the number of security incidents continues to grow in all sectors, 47% of the respondents plan to reduce their security headcounts, a new report by Observe has revealed. Remarkably, 62% of these organizations also reported a higher number of security incidents per month.
The organizations planning to reduce cybersecurity headcount are also planning to lower infrastructure spending, according to the survey. The report by Observe, an observability company, is based on a survey of 500 full-time security decision makers and practitioners, conducted by CITE Research.
In general, there is a shortage of cybersecurity professionals as they are in high demand because of the growing number of security-related events. The recent Cybersecurity Workforce Study from ISC2, a non-profit member organization for cybersecurity professionals, noted that the cybersecurity workforce shortage has grown to a record high of just under four million.
Almost all the surveyed organizations (99%) are prioritizing security observability, according to the Observe report. “Security observability borrows concepts from observability to enable security operations teams to understand risks and incidents in a more holistic way,” said Jack Coates, senior director of product management at Observe, in the press release issued by the company.
Large companies are struggling to integrate systems
The report revealed that smaller organizations are struggling on multiple levels to incorporate security observability as part of their security systems. They lack the resources to hire the right people to use the security tools. However, this also makes them prudent about spending, thus ensuring they avoid hype-driven adoption of the products. On the other hand, large organizations have access to a wide range of tools and products, but they struggle to integrate them for optimal performance.
About 95% of the surveyed security professionals use a Security Incident and Event Management (SIEM) tool for monitoring and alerting on security data. Other product categories, like Security, Orchestration, Automation and Response (SOAR), User and Entity Behaviour Analytics (UEBA), and Endpoint Detection and Response (EDR), have not impacted the popularity of SIEM.
