‘Only two-fifths of UK IT leaders able to respond to cyber incident today’

09 November 2021

Well under half (39%) of UK businesses feel confident in their ability to respond to incidents today, according to new research from Rackspace Technology.

Evolving security threats and attack methods, increasing attack opportunities as data volumes, digital operations and remote work continue to grow, are cited by 60% of IT leaders as the greatest cybersecurity challenges they face.

In addition, 53% of IT decision makers do not have the capability today to identify security incidents across multicloud environments. When it comes to mitigating threats, only 38% of those surveyed feel confident in addressing them today, while only 36% feel assured in addressing regulatory compliance.

In relation to data, just two in five (41%) are currently confident in their ability to protect critical data and warehouses, with a further 45% believing they will reach that point in the next three years. When it comes to assessing cybersecurity capabilities and needs on a periodic basis, only two in five (42%) felt comfortable in this area.

Moreover, almost half (44%) of companies are finding it hard to retain and recruit cybersecurity talent, though a similar proportion (45%) are confident in their internal initiatives in terms of cybersecurity talent retention.

The cybersecurity skills touted as the most important were cloud security (42%) and data privacy and security (40%). Despite its importance, a third (32%) of companies believe the biggest cybersecurity skills gap is in relation to cloud security.

With regards to staffing and skills concerns, over half of UK businesses (55%) rely on in-house staff with some external third-party help. A similar number (56%) said they use up to five external partners to provide cybersecurity. When looking into the types of cybersecurity partner the businesses engage with, the most sought-after are security value added resellers (47%), managed security service providers (45%) and managed detection and response providers (41%). Meanwhile, the top three areas of cybersecurity most likely to be handled by external partners are around integrated risk (44%), application security (44%) and data security (37%).

“Cybersecurity is one of the most important digital elements for UK businesses, but also the trickiest to address,” said Andy Brierley, UK general manager at Rackspace Technology. “This is particularly true due to the accelerated pace of digital transformation across key sectors.”

When asked about their companies’ overall cloud security, 35% said they were at intermediate level, having to rely on third-party tools. An additional 32% described themselves as cloudcentric, meaning they use native tooling mixed with third-party tooling.