Woburn, MA – November 29, 2023 — A new study commissioned by Kaspersky has found that IT security decision makers are boosting their cybersecurity following an alarming increase in cyberattacks in 2024. This was made evident by the data that highlighted that more than three quarters (77%) of companies suffered at least one cyber incident in the last two years. One of the main reasons cited was the shortage of qualified IT security staff (18%). Among other measures to strengthen cybersecurity, 41% of respondents claimed that their companies plan to invest in outsourcing cybersecurity in the next 12 to 18 months.
Kaspersky conducted a study to learn the opinions of IT Security professionals working for SMEs and corporations worldwide regarding the impact people have on cybersecurity in a company. The survey gathered information about various groups of people who influence cybersecurity, looking at both internal staff, and external actors. It also analyzed levels and types of online safety company bosses believed warranted investment.
The respondents indicated that a variety of measures would be necessary to address cybersecurity gaps, and among them, 24% said they would like to see more external specialists brought in. It also appears company investment plans are well in line with their expectations. One quarter of organizations (25%) plan to invest in third-party professional services, and as many as 23% of respondents are aiming to outsource their cybersecurity to MSP/MSSP (Managed Service Providers/Managed Security Service Provider). The most likely industries to invest in third-party services in the near future are critical infrastructure, energy and oil & gas companies.
At the same time, many organizations plan to invest in automation of their cybersecurity processes. In the next 12 months, almost half of businesses globally (45%) have concrete plans to implement software that automatically manages their cybersecurity, while 20% are discussing the subject.
"The automation and outsourcing of cybersecurity tasks are major areas that organizations struggle with due to a lack of experts and alert fatigue,” said Ivan Vassunov, vice president of corporate products at Kaspersky. “Turning to external experts, — whether it’s outsourcing, to manage the whole cybersecurity system, or adopting expert-level services to assist the IT Security department — is the optimal solution for many. Cybersecurity vendors, Managed Service Providers, Managed Security Service Providers are the companies that have relevant expertise, all the necessary tools, and can manage cybersecurity effectively for customers of any size. Additionally, they can provide the customer with various options, such as Managed Detection and Response, where SOC experts continuously carry out monitoring, or assistance in case of emergency like investigating a particular incident.”
To manage the shortage of tools or IT Security employees in-house, Kaspersky recommends:
The full report and more insights on the human impact on cybersecurity in business are available via the link.
Kaspersky is a global cybersecurity and digital privacy company founded in 1997. Kaspersky’s deep threat intelligence and security expertise is constantly transforming into innovative solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection, specialized security products and services, as well as Cyber Immune solutions to fight sophisticated and evolving digital threats. Over 400 million users are protected by Kaspersky technologies and we help over 220,000 corporate clients protect what matters most to them. Learn more at www.kaspersky.com.
 The survey was conducted across 19 countries: Brazil, Chile, China, Colombia, France, Germany, India, Indonesia, Japan, Kazakhstan, Mexico, Russia, Saudi Arabia, South Africa, Spain, Turkey, UAE, UK and USA.