Only 11% of IT budgets are being earmarked for cybersecurity needs despite half of UK organizations detecting and responding to cybersecurity threats at least once a week, new research has claimed.
A survey by Vanta found the majority (54%) of firms agreeing security risks for their business have never been higher, with phishing attacks (35%), AI-based malware (34%) and compliance violations (27%) all increasing over the past year.
Despite the clear need for greater investment in cybersecurity, the report reveals 17% of an IT department’s budget represents the sweet spot, indicating that companies don’t have far to go.
Cybersecurity deserves more
While artificial intelligence has impacted security globally, only two in five (43%) UK organizations conduct regular AI risk assessments, and fewer than half have implemented an AI policy to regulate its deployment and usage among employees.
The report also highlights the burden of compliance tasks. Around two in three (69%) noted that customers, investors and suppliers require more demonstration of compliance than before. UK businesses are now spending two extra weeks each year – a total of 12 weeks – working on manual security compliance tasks compared with last year.
Furthermore, IT decision-makers (ITDMs) are spending an average of seven hours, or around one day, each week assessing and reviewing vendor risk. This is because 44% of the British companies surveyed revealed that a vendor of theirs had experienced a data breach since they started working with them, highlighting that cybersecurity threats don’t always come from within.
Besides tackling threats head-on, increased IT budget allocation for cybersecurity also promises to drive customer trust and reduce financial risks.
“To uphold trust in an AI world, security leaders need to go beyond the standard way of doing things," noted Vanta CEO Christina Cacioppo, "they need to make trust continuous, collaborative and automated across their business.”
More from TechRadar Pro
