The coronavirus (COVID-19) pandemic has forced corporate security teams to cut staff and freeze hiring as the cyber risks and the financial peril of the crisis take hold, a new study said.
Since the onset of the pandemic, three in four companies experienced security team furloughs and 68 percent laid off team members, Exabeam, a security information and event management (SIEM) specialist, said in its 2020 State of the SOC report. To put the data in perspective, in the first half of 2020, 80 percent of organizations experienced an uptick in cyber attack attempts and one in three were victimized by a successful hacker infiltration, the Foster City, California-based company said.
To compile its report, Exabeam gathered data from 1,000 IT security professionals at small- to medium-sized enterprises, half of which held chief information security officer (CISO) or security operations center (SOC) roles. Half of the respondents were security engineer/analysts or security architects. The study spanned organizations in the U.S. and U.K.
Key findings include:
“Companies are grappling with the security fallout from an unexpected shift to remote work, but it’s business as usual for cyber criminals and foreign adversaries with unprecedented opportunity,” said Steve Moore, Exabeam chief security strategist. “The rise in attempted cyber attacks while companies experience staff reductions is a harsh reminder of the security and financial challenges created by the pandemic.”
In addition to furloughing security team members, 70 percent of U.S. companies and 42 percent of U.K. businesses in the study enacted hiring freezes during March through June 2020, Exabeam said. Here’s some more data:
Overall, U.S. companies reported greater impacts such as distractions in the home, learning curve with new applications and tools, and blurred lines between work and personal computers than U.K. companies. The specific area with the widest margin was individuals’ false sense of safety and/or privacy, Exabeam said.
Exabeam is among others warning of layoffs paring IT security teams. In late May, industry analysts alerted cybersecurity teams to brace for upcoming budget cuts as the economic jolt from the pandemic prompts businesses to reevaluate their overall spend.