London, United Kingdom, October 2023 – Today’s security leaders face a range of barriers to strategy execution; tackling the internal skills gap, achieving the right level of executive support from the business, building a security culture, making sound technology investment decisions, and more. But the state of the economy is starting to drive a new narrative for CISOs, with many being asked to do more with less.
A Cyber Security in Focus research conducted by technology recruitment specialists Stott and May reveals that CISOs see budget as the biggest barrier to strategy execution in 2023, overtaking internal skills for the first time. 51% of security leaders highlighted budget as their primary inhibitor to delivering on strategy, with internal skills (34%), board-level buy-in (11%), and technology (3%) also being cited as issues by the global sample of CISOs.
Other notable findings from the 2023 Cyber Security in Focus Report include:
Filling cyber security vacancies continues to be a pain point for security leaders. 66% are facing challenges in sourcing talent for their business. 69% of security vacancies are left unfilled after 8 weeks.
CISOs report that salary expectations across the industry continue to increase. 47% believe that salary levels have increased by more than 11% year-on-year. A further 31% see wage inflation sitting between 6 and 10%.
Strategic investment continues in security but with little room for experimentation. 44% report their budgets will stay the same or decrease. Only 53% believe security investment is keeping pace with digital business. The top three priority investment areas for CISOs in 2023 are cloud security (25%), IAM (20%), and security and vulnerability management (18%).
The focus turns towards translating security risk to align with the business strategy. 55% of security leaders believe that their company sees cyber security as a strategic priority, while 60% agree their business feels that the security function improves the overall value proposition to customers.
Haris Pylarinos, Founder & CEO of Hack The Box, shared his thoughts on the top challenges CISOs face when building a high-performing security function. “It’s the ability to stay outward looking and ensure that internal skills stay up to date. You can hire the best security professionals out there with field experience, but the problem is that this knowledge can degrade over time because cyber security is evolving at such a rapid pace.”
About Stott and May
Founded in 2009, Stott and May is a professional search firm with a passion for helping leaders achieve complete confidence that they have hired the right talent first time in fiercely competitive markets.