Axonius, the leader in cybersecurity asset management and SaaS management, today announced a new research report, “Navigating the IT and Security Resource Paradox: How Organizations Are Addressing Real and Perceived Challenges.” Of the key findings, the most surprising found that IT and security teams saw increases to their budget and headcount, despite the economic headwinds organizations faced heading into 2023.
In fact, three-quarters (74%) of IT and security decision makers said their organization’s IT or security budget increased compared to the year prior, and nearly two-thirds (63%) said their organization’s IT or security team headcount increased. However, for those that did see decreases in either budget or headcount, they reported severe impacts: 51% said their organization experienced an increase in security risks, and 49% experienced an increase in attacks or vulnerabilities.
“Cybersecurity is critical, even in times of economic uncertainty – as clearly evidenced by our research,” said Dean Sysman, CEO and Co-founder at Axonius. “But an increase in budget or headcount won’t solve all your problems. While you might find yourself with more tools to get the job done, the reality is that most security investments aren’t used to their full advantage. As we head into 2024, where it’s likely security budgets could increase again, it’s important for organizations to focus on optimizing their resources rather than wasting them.”
For survey respondents, the answer to optimization appeared in the promise of artificial intelligence. Three-quarters (76%) of IT and security decision makers said their organizations are spending more on AI/ML compared to 12 months ago, and over four in five (85%) respondents said they were interested in applying AI in their organization’s IT and security operations in the coming year. For many organizations, the attractiveness of AI lies in being able to keep pace with cybersecurity workload. Nearly two in five (39%) IT and security decision makers whose organizations have reduced their IT or security headcounts in the last 12 months say their organizations have adopted AI-based tools to streamline tasks to keep pace with workload in light of reduced headcounts.
“AI might be able to free up practitioners from more menial tasks, but the reality is that AI in its current form still comes with a lot of inaccuracies and errors that need to be corrected by a human,” continued Sysman.
This belief might also be why nearly three-quarters (72%) of IT and security decision makers reported being concerned about the potential adverse effects of generative AI (e.g., ChatGPT) on their organization’s cybersecurity. Generative AI might not be able to stand in for an actual human practitioner, but it can write a very compelling phishing email.
Additional key findings of the research include:
- For years, burnout has been a concern for cybersecurity professionals. But our research found two-thirds (66%) of IT and security decision makers say they are not experiencing burnout at work and two in five (40%) report they are feeling less burned out today than they did a year ago.
- Even with increasing budgets, cost optimization remains a top priority for IT and security decision makers globally. 87% are prioritizing enhancing cloud infrastructure and 85% are prioritizing optimizing IT costs over the next 12 months.
- IT and security decision makers are embracing change as they evolve, adapting to new skill demands and the rise of emerging tech. Nearly three in five IT and security decision makers think that the future of IT and security work will involve a growing demand for specialized skill sets (58%) and adoption of emerging technologies for advanced security measures (58%).
To view the report in its entirety, download it here. You can also visit the Axonius website or request a demo to learn more about how we’re helping IT and security leaders optimize their resources.