Freely subscribe to our NEWSLETTER

Balancing the cost of cyber security compliance
“Hitting the big cyber security compliance deadlines – NIS2 and DORA - was top of the agenda for many organisations in 2024 (and still will be in 2025). This meant devoting significant budgets where it was most needed to meet the requirements.
One of the biggest challenges for next year will be balancing cybersecurity spend: ticking the boxes on compliance while addressing the security gaps that matter most for each individual organisation. Compliance demands, whilst absolutely necessary, shouldn’t distract security leaders from focussing on these more strategic issues.”

NVD processing delays: risk scores need context
“In 2024, the backlog of vulnerabilities waiting to be analysed by NIST presented serious challenges for organisations that rely on the National Vulnerability Database (NVD) for their security programmes.
NIST has pledged to address the resource and processing issues to get this back on track. However, it’s highlighted that organisations need other intelligence sources beyond a single source of truth so they don’t miss the vulnerabilities that could be most damaging for their environment. Risk scores only give part of the picture: organisations need context around the data to make real sense of CVEs.”

Cloud computing crossroads will drive security rethink
“Cloud computing costs have risen over the past year and we’re seeing more companies moving away from cloud-only environments and back to on-premises or hybrid networks. As tech leaders reassess their strategies, CISOs will need to carefully navigate the security challenges this creates as attack surfaces evolve.
No matter which route they decide to take, from hybrid, multi-cloud or on-premises, they will need full visibility of their estate and to prioritise identifying and managing vulnerabilities to secure these more complex environments.”

Efficiency drives create uncertain cyber jobs market
“The global cyber skills shortage has meant that cyber security roles have typically been in high demand and hard to fill. However, we’re seeing signs of the balance shifting and job seekers in an increasingly uncertain job market.
Cuts in spending, and the need to drive even further efficiencies, will likely mean more companies opting for temporary or freelancer employees to plug the gaps.
And as AI and automation spread across the industry, it will mean a further shift in the workforce. However, the need for skilled, human oversight will remain with demand continuing to be high particularly for experienced, senior level and specialised professionals.”
Cyber security needs to bring immediate pain relief
“The cyber security market is complex and it’s our role as vendors to make sure we’re providing solutions which are straightforward and bring immediate pain relief to our customers. We need to continue to work with MSP and MSSP partners to make sure we’re delivering solutions that cover the foundations of solid cyber security.
At the same time, we’re seeing a move towards diversification and that organisations are willing to look beyond the tech giants. Geography can also play a part here as decision makers realise the upsides of working with vendors that are based in Europe and which can align closely with their security, privacy and regulatory requirements.”