Tight budgets and burnout push enterprises to outsource cybersecurity

With cybersecurity teams struggling to manage the remediation process and monitor for vulnerabilities, organizations are at a higher risk for security breaches, according to Cobalt.

cybersecurity professionals responsibilities

As enterprises prioritize efficiencies, security leaders increasingly turn to third-party vendors to alleviate the pressures of consistent testing and to fill in talent gaps.

The report identifies how macroeconomic shifts are affecting organizations’ security standards across the U.S. and EMEA, revealing how security teams can extract more value from their pentests and maximize ROI. After analyzing more than 3,000 pentests and surveying more than 1,000 cybersecurity professionals, Cobalt found:

Budget cuts and layoffs plague security teams

63% of U.S. cybersecurity professionals had their department’s budget cut in 2023, compared to only 28% of their EMEA counterparts.

To further align with tight budgets, both U.S. (67%) and EMEA (61%) organizations have implemented a recruitment slowdown for this year.

Cybersecurity burnout could push workers to quit

Of those who encountered layoffs or budget cuts, almost all U.S. (95%) and EMEA (84%) professionals say their role has changed. This has caused many in the U.S. to feel burnt out (61%), more than those in EMEA (29%).

Burnout is increasing among professionals, and 50% of U.S. respondents threaten to quit their jobs if these feelings go unaddressed. Only 20% of EMEA respondents said the same.

Cybersecurity professionals deprioritize responsibilities

To stay afloat, a whopping 79% of U.S. cybersecurity professionals admit to deprioritizing responsibilities, compared to 66% of their EMEA counterparts, leading to a backlog of unaddressed vulnerabilities.

It’s no surprise 73% of U.S. respondents admit they struggle to monitor and respond to vulnerabilities compared to EMEA where 58% report the same issue.

Inaccurate security configurations cause vulnerabilities

40% of U.S. respondents found the most security vulnerabilities were related to Server Security Misconfigurations. Other vulnerabilities spanned across Cross-Site Scripting (12%), Sensitive Data Exposure (10%), Broken Access Control (10%) and Authentication & Sessions (9%).

Enterprises are calling in backup: With 89% of U.S. and 83% of EMEA teams reporting that it’s harder to manage their workloads, it’s time to call in backup. Creating partnerships with agile vendors can help teams conquer backlogs and deter employee burnout. In fact, outsourcing cybersecurity tasks to third-party vendors is more common in the U.S. (74%) than EMEA (48%).

Don't miss