Cyber attacks against the UK’s critical national infrastructure (CNI) are outpacing security budgets, according to research from a UK cyber security services firm.
A survey of UK cyber security decision-makers in the communications, utilities, finance, government and transport and aviation sectors, suggests that most, 70 per cent have increased cyber security budgets over the past 12 months. Yet, despite rising investment in cyber security, 69pc say it has become harder to detect and respond to threats, 62pc say it takes their organisation too long to detect and respond to threats, and 60pc admit to still struggling to understand how and why a breach occurred.
On average, UK CNI operators are now spending 39pc of their IT budget on cyber security, with investment predicted to rise by a further 23pc in the year ahead. However, the fact that many are still struggling with the volume, sophistication and detection of cyber threats suggests cyber security investment is not being spent wisely, Bridewell suggests.
Martin Riley, Director of Managed Security Services at Bridewell, says: “It’s encouraging to see that cyber security budgets are rising, however, without a strategic approach to cyber security transformation and investment, CNI operators risk wasting budget on tools and technology that fail to deliver the visibility and results needed. Operators must re-evaluate how they allocate and use their security budget, so that escalating cyber threats can be tackled with much more robust, proactive, and holistic cyber security approaches, such as threat intelligence and detection and response.”
MDR solution
Also in the survey; only a quarter say they have a managed detection and response (MDR) solution in place and only one in five (20pc) have extended detection and response (XDR) to enable detection and response capabilities across network, web and email, cloud, endpoint and (most crucially, according to the cyber firm) identity. Similarly, only a fifth say they have threat hunting and cyber intelligence processes.
Poor cyber security investment choices could also be causing problems with visibility, Bridewell adds. Seven in ten CNI cyber leaders say they don’t have sufficient visibility across the IT/OT boundary and 64pc do not have sufficient visibility over all end user, networks, and systems.
Problems could also be a result of over investment in security tools – a majority, 62pc saying the number of security tools within their organisation is unmanageable. On average CNI security teams are now managing 33 security tools, with a good third, 35pc admitting to managing over 40 tools. Not only does too many tools stretch security teams too thinly across disparate and poorly developed solutions, but it increases the complexity of monitoring, managing, operating, and optimising a technology stack.
More at the Bridewell website.
About the firm
Reading-based Bridwell offers: cyber security, managed security services, penetration testing, and data privacy services. They work across critical national infrastructure, aviation, financial services, government and oil and gas. The company holds industry accreditations including from the UK official NCSC, CREST, ASSURE, IASME Consortium, SOC2, Cyber Essentials Plus, the international standards ISO 27001 and ISO 9001 and are a PCI DSS QSA company (Payment Card Industry (PCI) data security standards qualified security assessor).
An interview with Bridewell co-CEO Scott Nicholson was in the September print edition of Professional Security Magazine. Visit https://www.bridewell.com.
