UK business struggling to prioritise cybersecurity needs, report reveals

Cybersecurity demands are outstripping UK business's resources, a new report has revealed.

Polling carried out by cybersecurity firm RiverSafe, in partnership with Censuswide, has found organisations lack the technology, expertise and funding needed to manage cybersecurity threats.

Gathering answers from 250 chief information security officers (CISOs), research showed more than 80 per cent of organisations face a gap in cyber skills, yet feel too overstretched to fix the issue.

While, six in 10 CISOs said their organisation's cybersecurity budget was underfunded, the same number of respondents admitted investing in hiring and training dedicated cybersecurity staff was already draining too many resources.

Insider threats ranked as the biggest risk, with two in 10 respondents admitting an employee had exposed company data by using artificial intelligence (AI) tools such, as ChatGPT.

However, almost two-thirds claimed their organisation didn’t have the technology required to tackle these threats.

Despite the growing concern posed by AI, a majority revealed their organisation had turned to the cutting-edge tech to fix the talent scarcity.

More than 85 per cent admitted their firm used automation as part of their cybersecurity defences to help their short-staffed team.

However, Suid Adeyanju, chief executive at RiverSafe, has cautioned against an overreliance on automation.

He said: “It is essential that CISOs make it a priority to close the cyber gap, to keep their organisation safe in an era of heightened threat. As cyber-attacks become increasingly complex, especially with the rise of AI, proactive measures are essential to protect sensitive data and assets.

"AI development is showing no signs of slowing down and organisations are increasingly adopting AI technologies as part of their business operations. While there are obvious benefits, it is also vital to recognise the security challenges that AI bring, especially when it comes to CISO oversight devices and applications.

“Ultimately, cyber security and cybercrime are still conducted by people, so it is important for security teams not to lose sight of investing in people, even in an era of AI and automation.”

The findings come after an investigation revealed cybersecurity lapses led to the hack of the Electoral Commission in 2021, which allowed cybercriminals to access personal data belonging to 40 million UK voters.

The report also comes weeks after Labour pledged to boost UK cybersecurity measures, announcing a new Cyber Security and Resilience Bill during the King’s Speech.