1. Most CISOs open to changing companies in next 3 years

More than three-quarters (76 per cent) of chief information security officers (CISOs) said they are “very or entirely open” to changing companies in the next three years, according to a survey by Heidrick & Struggles. That could prove to be a problem for their employers, because 40 per cent of respondents said their companies do not have a succession plan for the role.

2. AI the top megatrend for cybersecurity: SIA

Artificial intelligence is the biggest cybersecurity trend, according to the Security Industry Association’s 2024 Security Megatrends report. It impacts will range across multiple areas, including video surveillance, generative AI and regulations. The report found that 74 per cent of security solutions developers said their organisations’ R&D investments are fully, heavily or somewhat focused on AI.

3. Cloud and IoT bring threats to businesses, says EY survey

The EY 2023 Global Cybersecurity Leadership Insights Study surveyed CISOs and C-suite leaders and found that 75 per cent said that the adoption of cloud and IoT technology represents the greatest threat to cybersecurity in the next five years.

4. Generative AI is both threat and ally, say senior executives

Nearly seven in 10 senior executives (69 per cent) believe their organisation will use generative AI (GenAI) to create better cyber defences in the next 12 months, says the 2024 Global Digital Trust Insights survey. However, it’s not all good news: more than half (52 per cent) believe GenAI will be used to launch “catastrophic” cyberattacks in the next 12 months.

5. Cybersecurity professionals feeling the strain of increased threats

Nearly two-thirds (63 per cent) of cybersecurity professionals say that they their job is either much more (27 per cent) or somewhat more (36 per cent) difficult than it was two years ago, according to the The Life and Times of Cybersecurity Professionals, Volume VI, released by Enterprise Strategy Group. The leading reason given is increased complexity and workload.

6. Growing cyber workforce can’t keep up with widening workforce gap

The global cybersecurity workforce grew by 9 per cent to 5.5 million in 2023, but the workforce gap grew even faster, by 13 per cent, according to the 2023 ISC2 Cybersecurity Workforce Study. This means that, as of 2023, “there are roughly 4 million cybersecurity professionals needed worldwide,” the report stated. “The profession needs to almost double to be at full capacity.”

7. Rise in cyberattacks will fuel increased security outsourcing

More than four in 10 (41 per cent) IT security decision makers expect their companies to boost their cybersecurity capabilities through outsourcing over the next 12 to 18 months, a study commissioned by Kaspersky found. This comes in the wake of an “alarming increase in cyberattacks in 2024” – 77 per cent of companies have reported experiencing at least one cyber attack over the past two years. Companies most likely to outsource include those in sectors such as critical infrastructure, energy, and oil and gas.

8. SMBs are often overconfident about their cybersecurity protections

Small- and medium-sized businesses (SMBs) say they are “reasonably protected” (50 per cent) or “well protected” (30 per cent) against cyberattacks, which shows “overconfidence”, according to cybersecurity software developer Devolutions. Its recent survey of IT executives and decision makers found that, although 80 per cent consider themselves protected, “less than 60 per cent employ essential security measures like password managers, two-factor authentication, or cybersecurity training”.

9. UK third-most targeted country for cyberattacks

The UK’s Science, Innovation and Technology Committee has launched an inquiry into the cyber resilience of the UK’s critical national infrastructure (CNI) – which includes sectors such as energy, communications, water supply, defence and transport – saying that the UK is the third-most targeted country for cyberattacks, after the US and Ukraine.

10. Cybersecurity is number 2 global risk, say insurance experts

Cybersecurity is now the number 2 risk factor – after climate change – in the minds of insurance industry experts surveyed by AXA, the French-based global insurer. In addition to 3,226 industry experts, 19,016 members of the general public across 15 countries were surveyed. AXA says that “strong majorities of both experts (73 per cent) and the general population (68 per cent) say they feel vulnerable to this [cyber] risk in their daily lives”, a figure up from last year for both cohorts.