Deepwatch SecOps Pulse Survey: Security Teams Brace for Rising Costs, Increased Workload in 2023

December 22, 2022 Off By David
Object Storage

Deepwatch released findings from a year-end SecOps pulse survey on challenges and strategies for 2023. Recent research by Deepwatch found that most IT security professionals will focus on improving “detect” and “respond” capabilities, amidst concern over increasing costs and regulatory pressures.

The report found that digital transformation initiatives and regulatory requirements were the top two cost drivers expected for 2023. More than three-quarters (78%) of security professionals expect breach and incident reporting requirements to create more work for their teams, and about the same (77%) expect increased work from privacy requirements.

“Regulatory developments around both incident reporting and privacy will undoubtedly continue to ramp up in 2023,” said Bill Bernard, AVP, Security Strategy at Deepwatch. “Between differing perspectives on reporting timelines and the multiple agencies and authorities involved, breach notification compliance will be complex and challenging for security teams. On the privacy side, security professionals who typically don’t consider themselves privacy professionals will need to play a role in enforcing various controls stemming from multiple privacy requirements emerging across numerous states, countries and governments.”

Cybersecurity insurance is another cost concern for 78% of security professionals. More than a third (39%) said it’s already too expensive, and another 39% said that while they believe cyber insurance offers value today, that won’t be the case if prices go up further.

To keep up with rising threats, most security teams are prioritizing investments in their “respond” (46%) and “detect” (42%) functions of the NIST framework. As nearly all (95%) of security professionals cited continued staffing challenges, 82% of security professionals either have or are considering managed services.

“Many organizations still struggle to mature security programs beyond the hardening strategies with strong detection and response capabilities,” added Bernard. “While we all want to do our best to minimize the attack surface as much as possible, we know the attack surface cannot be totally eliminated. In today’s landscape, every enterprise should be monitoring environments 24/7/365. Running a security operations center internally is a huge undertaking, and many are not only alleviating that workload through managed detection and response (MDR) partners but they are also getting increased efficacy from MDR specialists that are built to give the highest fidelity alerts and rapid response actions to contain threats swiftly.”

For more insights, please download the Deepwatch report here: https://www.deepwatch.com/resource/deepwatch-secops-pulse-survey-q4-2022/