Stott and May’s Cyber Security in Focus Report Reveals 51% of CISOs see budget as biggest barrier to strategy execution

05/04/2023

THIS YEAR’S Cyber Security in Focus research conducted by global cyber security recruitment specialists Stott and May reveals that CISOs see budget as the biggest barrier to strategy execution in 2023, overtaking internal skills for the first time. 51% of security leaders highlighted budget as their primary inhibitor to delivering on strategy, with internal skills (34%), board-level buy-in (11%), and technology (3%) also being cited as issues by the global sample of CISOs.

Other notable findings from the 2023 Cyber Security in Focus Report include:

  • Filling cyber security vacancies continues to be a pain point for security leaders. 66% are facing challenges in sourcing talent for their business. 69% of security vacancies are left unfilled after 8 weeks.
  • CISOs report that salary expectations across the industry continue to increase. 47% believe that salary levels have increased by more than 11% year-on-year. A further 31% see wage inflation sitting between 6 and 10%.
  • Strategic investment continues in security but with little room for experimentation. 44% report their budgets will stay the same or decrease. Only 53% believe security investment is keeping pace with digital business. The top three priority investment areas for CISOs in 2023 are cloud security (25%), IAM (20%), and security and vulnerability management (18%).
  • The focus turns towards translating security risk to align to the business strategy. 55% of security leaders believe that their company sees cyber security as a strategic priority, while 60% agree their business feels that the security function improves the overall value proposition to customers.

Cyber Security in Focus is an annual research report that explores the perceptions of a high-quality sample of 60 CISOs and security leaders on critical themes such as; the skills shortage, barriers to strategy execution, the perception of cyber security functions, and future technology investment. The sampled respondents were sourced from Stott and May’s professional network across EMEA and North America. In addition to primary quantitative research and findings, this report also features qualitative interviews with leading industry professionals in the cyber security space. 

In the paper, Haris Pylarinos, Founder & CEO of Hack The Box, shared his thoughts on the top challenges CISOs face when building a high-performing security function. “It’s the ability to stay outward looking and ensure that internal skills stay up to date. You can hire the best security professionals out there with field experience, but the problem is that this knowledge can degrade over time because cyber security is evolving at such a rapid pace.” In addition, Chris Castaldo, CISO at Crossbeam, outlined his thoughts on the main barriers that CISOs come across when executing their cyber security roadmaps. “Not understanding the business. That’s the main barrier. Everyone that I talk to that’s trying to implement some new tool or a new process or policy and meets resistance typically hasn’t spent enough time trying to understand what those stakeholders really care about and tailoring that message to them.”

To access the full report, including Stott and May’s latest salary benchmarking for key security roles, download here.

Find out more about our cyber security recruitment team.

The Latest Stories

InnoScot Health backs World Intellectual Property Day aim of ‘building common future’ through innovation 
UK astronaut Rosemary Coogan aims for the stars after graduation
BGF leads new investment round for Hyble, as martech company disrupts US market
IT company and social enterprise, The Apprentice Store, recognises increased social impact in the Highlands through annual Supporters Awards