IT security study: Lack of skilled workers as a challenge

23 November 2022
| No comments
IT security study: Lack of skilled workers as a challenge

Share post

According to a study in management levels in DA-CH, the availability of specialists is the greatest challenge - in Austria this even applies to external expertise. In Germany, Austria and Switzerland, the problems differ significantly, according to Sophos.

Cyber ​​security in companies has become even more important in the recent past due to various factors. These include technological developments or the growing complexity of IT infrastructures. But those factors that are characterized by agile and mobile working, home office availability, the professionalization of cybercrime and an increased international threat situation are also having an increasing impact.

The results of a current management study by Sophos show that (as is currently the case in almost all professional fields and especially IT), the special area of ​​IT security naturally also suffers from a severe shortage of skilled workers. But the company decision-makers surveyed also see challenges in other areas in the DACH region.

The staff is the most stuck

🔎 Top challenges in ensuring cybersecurity (Image: Sophos).

When asked what challenges they see in ensuring cyber security in their company, the management levels surveyed in all three countries most frequently indicated the availability of personnel. In Austrian companies, the difficulties in finding qualified personnel are mentioned most often with a frequency of 69,8 percent, in Germany with 62,7 percent and in Switzerland the value is lowest with 58,8 percent.

Around a third of all companies also get additional external consulting services in the form of MDR services, for example, to professionalize their cyber security. In Austria in particular, there seem to be challenges here as well. While only 11,8 percent of Swiss and 13,9 percent of German company managements state that they see difficulties in the availability of external consulting services, this is still the case for a third (30,2 percent) of those surveyed in Austria.

Bosses fear impediments to processes due to IT security

The IT security solutions could slow down systems and processes - this prejudice persists in the management floors. 45,1 percent of the Swiss and 40,3 percent of the German respondents stated that, from their point of view, the impairment of work processes is one of the challenges in ensuring and implementing cyber security. In Austria, only 28,3 percent name this.

Doubts whether cyber security can keep up with mobile and agile working

🔎 Even the external consulting services lack the specialists (Image: Sophos).

Bosses see two aspects of the modern working world as challenges for the implementation of IT security. In Austria, when it comes to ensuring cyber security, 45,3 percent of those surveyed expect difficulties in coordinating this task with the modalities of home office solutions. In Germany, 39,8 percent cast a critical eye on this, in Switzerland the figure is 35,5 percent.

Agile methods are indispensable in modern day-to-day work. Are the available security solutions flexible enough to keep up with agile business? After all, 42,8 percent of the German, 41,5 percent of the Austrian and 39,2 percent of the Swiss respondents expressed doubts here.

Old prejudices against IT security

"The figures for work processes and flexibility for agile workflows make it clear that an outdated and traditional image of IT security, which is based on rigid structures, often still prevails in executive floors," says Michael Veit, cyber security expert at Sophos. “However, modern cybersecurity solutions offer exactly the opposite and are characterized by their modular and flexible handling both in architecture and in everyday use. Technologies such as zero trust, managed security services or even adaptive cybersecurity ecosystems now enable flexible working in which the user is no longer aware of the IT security processes in the background.”

Investments at a constant level

🔎 Over a third of companies are increasing their investment in more cyber protection (Image: Sophos).

When asked whether investments have changed in the last two years, a majority of respondents in Germany (57,2 percent) and Austria (52,8 percent) and 45,1 percent in Switzerland state that investments are on a have remained at an undiminished high level. 47,1 percent and thus most Swiss company managements stated that they had increased investments in the last 24 months. In Germany (34,8 percent) and Austria (32,1 percent), a good third invested more in IT security. 13,2 percent in Austria, 7,8 percent in Switzerland and 7,5 percent of the managers surveyed in Germany could not provide any information on this.

It was rather difficult for the management levels to quantify the exact proportion of expenditure for IT security, not least because of the complexity within all cost factors for IT. This applies in particular to Switzerland. Almost half (49 percent) of those surveyed stated that this was impossible to quantify. 36,3 percent of respondents from German companies could not name the share of IT security in IT expenditure, in Austria the figure was 30,2 percent.

Switzerland invests more than Germany and A

🔎 In the area of ​​10 to 19% more investment, Austria is ahead, with 20 to 29% Switzerland (Image: Sophos).

Otherwise, investments in cyber security in DACH are distributed as follows: In Germany, 20,9 percent of companies spend 5 to 9 percent of their money on IT security, 14,4 percent invest 10 to 19 percent. In Austria, 28,3 percent spend at least 10 to 19 percent on IT security and in 13,2 percent of the companies surveyed the proportion is even 20 to 29 percent. The following picture emerges in Switzerland: Here, 19,6 percent of companies spend 5 to 9 percent on cyber security and 13,7 percent even invest 20 to 29 percent of their budget in this important area.

background of the survey

On behalf of Sophos, Ipsos surveyed 201 C-level managers from trade, services and manufacturing in Germany and 50 each in Austria and Switzerland on the subject of IT security in their companies.

More at Sophos.com

 

About Sophos

More than 100 million users in 150 countries trust Sophos. We offer the best protection against complex IT threats and data loss. Our comprehensive security solutions are easy to deploy, use and manage. They offer the lowest total cost of ownership in the industry. Sophos offers award-winning encryption solutions, security solutions for endpoints, networks, mobile devices, email and the web. In addition, there is support from SophosLabs, our worldwide network of our own analysis centers. The Sophos headquarters are in Boston, USA and Oxford, UK.

 

Matching articles on the topic

IT security: NIS-2 makes it a top priority

Only in a quarter of German companies do management take responsibility for IT security. Especially in smaller companies ➡ Read more

Cyber ​​attacks increase by 104 percent in 2023

A cybersecurity company has taken a look at last year's threat landscape. The results provide crucial insights into ➡ Read more

MDR and XDR via Google Workspace

Whether in a cafe, airport terminal or home office – employees work in many places. However, this development also brings challenges ➡ Read more

Mobile spyware poses a threat to businesses

More and more people are using mobile devices both in everyday life and in companies. This also reduces the risk of “mobile ➡ Read more

Crowdsourced security pinpoints many vulnerabilities

Crowdsourced security has increased significantly in the last year. In the public sector, 151 percent more vulnerabilities were reported than in the previous year. ➡ Read more

Digital Security: Consumers trust banks the most

A digital trust survey showed that banks, healthcare and government are the most trusted by consumers. The media- ➡ Read more

Darknet job exchange: Hackers are looking for renegade insiders

The Darknet is not only an exchange for illegal goods, but also a place where hackers look for new accomplices ➡ Read more

The Terminator tool is coming back

BYOVD (Bring Your Own Vulnerable Driver) are still very popular among threat actors as EDR killers. One reason is, ➡ Read more

Sophos, Stories
, , , , ,