New Immersive Labs Study Uncovers Concerning Disconnect between Confidence in Cyber Resilience and Proven Capabilities
March 28 2023 - 5:00AM
Business Wire
82% of cyber leaders agree they could have
mitigated some to all of the damage of their most significant cyber
incident in the last year if they were better prepared
Immersive Labs today released a commissioned study* conducted by
Forrester Consulting to evaluate how global cybersecurity
decision-makers perceive their organization’s cyber resilience,
defined as the ability and confidence to effectively respond to
cyber threats. Despite high confidence in overall resilience, the
study found that teams are insufficiently prepared for threats, as
82% agree they could have mitigated some to all of the damage of
their most significant cyber incident in the last year if they were
better prepared, and more than 80% don't think, or are unsure,
their teams have the capabilities to respond to future attacks. To
reduce risk, the study recommends a people-centric cybersecurity
culture shift.
Forrester surveyed 316 global cybersecurity training strategy
decision-makers in the UK, US, Canada, Germany, and Sweden,
exposing this troubling inconsistency in cybersecurity team
confidence: their initial responses express confidence in overall
team resilience, but when asked specifically about how prepared the
team is for another attack or how effectively the team resolves
incidents, confidence plummets.
Only 17% of respondents consider their cybersecurity team to be
fully-staffed and nearly half of respondents admit they aren’t able
to measure cyber capabilities, further eroding confidence in the
organization’s preparedness. When cyber attack prevention and
damage control are both lacking, organizations may be more
vulnerable than initially thought.
“We’re seeing tremendous pressure on cybersecurity teams to
prove their readiness for new and emerging threats, and while many
feel they have built sufficient cyber workforce skills and judgment
to respond, our study with Forrester Consulting reveals that nearly
50% lack the metrics to know for sure,” said James Hadley, CEO
& Founder, Immersive Labs. “Our research suggests that it’s
well past time to rethink traditional training programs,
effectively measure cyber capabilities, and better equip
cybersecurity teams with the skills and confidence to stand up to
attacks.”
The Impact of Cyber Talent Shortages, and Other Key
Findings
In the research, Forrester Consulting revealed several
eye-opening findings from the pressures facing cyber leaders today
to the impact of global cyber talent shortages, including:
- Cyber teams face growing pressure from senior leaders:
84% of respondents agree that cybersecurity teams feel increasing
pressure to be prepared for the next cyber attack.
- Cyber threats are becoming more difficult to stop: 72%
agree the threat landscape is becoming more challenging.
- Reporting is inconsistent: Senior leaders should be
sharing breach readiness and incident response results to a greater
degree, but fewer than 60% do so today. In addition, over half
(55%) agree their cybersecurity team doesn’t have the data needed
to demonstrate readiness to properly respond to cyber threats.
- Teams aren’t strategically equipped to maintain cyber
resilience: Less than one-third (32%) believe their
organization has a formal strategy to ensure cyber resilience.
- Talent shortages threaten cyber resilience: 83% of
respondents think their cybersecurity team is understaffed, and 94%
experienced at least one talent management challenge with the
cybersecurity team.
- Cybersecurity teams can reduce risk by adopting modern
approaches to upskilling: 64% of respondents agree that
traditional cybersecurity training methods (e.g., certifications,
video training courses, classroom instruction) are insufficient to
ensure cyber resilience. Leveraging effective people-centric
approaches, such as live simulations, and progressive,
career-path-aligned online training and upskilling can bolster
cybersecurity teams’ capabilities and, in turn, their
organization’s cyber resilience.
The study recommends that to alleviate staffing shortages and a
lack of in-house cyber skills, “firms must reevaluate hiring
practices to recruit and test for high-potential hires” and “invest
in a culture that leverages effective people-centric approaches,
such as live simulations, and progressive, career-path aligned
online training and upskilling to bolster their cybersecurity
teams’ capabilities and, in turn, their organization’s cyber
resilience.”
For other valuable insights, download the full study here:
https://www.immersivelabs.com/cyber-leaders-need-a-more-effective-approach-to-building-cyber-resilience/
*Forrester Opportunity SnapShot: “Cyber Leaders Need a More
Effective Approach to Building and Proving Resilience” – A custom
study commissioned by Immersive Labs, March 2023
About Immersive Labs
Immersive Labs is the leader in people-centric cyber resilience.
We help organizations continuously assess, build, and prove their
cyber workforce resilience for teams across the entire
organization, from front-line cybersecurity and development teams
to Board-level executives. We provide realistic simulations and
hands-on cybersecurity labs to evaluate individual and team
capabilities and decision-making against the latest threats.
Organizations can now prove their cyber resilience by measuring
their readiness compared to industry benchmarks, building team
capabilities, and demonstrating risk reduction and compliance with
data-backed evidence. Immersive Labs is trusted by the world’s
largest organizations and governments, including Citi, Pfizer,
Humana, HSBC, the UK Ministry of Defence, and the UK National
Health Service. We are backed by Goldman Sachs Asset Management,
Summit Partners, Insight Partners, Citi Ventures, Ten Eleven
Ventures, and Menlo Ventures.
View source
version on businesswire.com: https://www.businesswire.com/news/home/20230328005152/en/
Jen Weber immersivelabs@inkhouse.com