Over half (52%) of UK IT decision makers (ITDMs) expect security team members to leave within the year due to burnout, according to a new study from Expel.
The managed detection and response (MDR) vendor polled 500 ITDMs from organizations of all sizes to compile its report, The UK cybersecurity landscape: challenges and opportunities.
Alert fatigue looms large over the report, with half (48%) of respondents claiming it impacts their teams. This typically occurs in security operations (SecOps) teams when they are unable to prioritize multiple alerts from disparate tools.
As a result, 93% of respondents said they’ve regularly missed personal commitments because of their jobs, while a third (34%) said this happens most or all of the time. Over half (52%) agreed that their team spends too much time dealing with unnecessary cybersecurity notifications.
Read more on alert fatigue: Alert Overload Distressing 70% of SecOps Teams.
Security remains a significant challenge for UK firms, ramping up the pressure on SecOps and security teams. Half of respondents highlighted it as such, behind only energy prices and the macroeconomic climate.
Respondents were most concerned about the impact of malware (43%), followed by ransomware (38%), phishing (38%) and business email compromise (25%), although just 14% said the same about nation states, according to the survey.
Worryingly, the report also found that, on average, 27% of security budget went unspent in 2022 – amounting to around £53,000 ($66,000) per firm. A fifth (21%) of respondents spent 50% or less of their budgets.
“Even though cybersecurity concerns many UK businesses, they’re struggling to figure out how and where to invest in solutions. Organizations looking to maximize their investments get the best results when engaged leadership sees security budget as a business enabler rather than a cost centre,” argued Expel general manager, Chris Waynforth.
“While this data may seem dire, we’re optimistic. Our research illustrates how a change in mindset and attention towards key areas of investment can provide useful guidance for those looking to improve security strategies and efficiencies, this year and beyond.”