The State of Security 2023

April 6, 2023

Security 2023: Quick Reaction Force

Cyberattacks continue to grow in quantity and sophistication at the same time that organizations’ systems become increasingly complex. Security teams, as always, feel the stress. But a surprising outcome of our 2023 State of Security research is that the number of respondents who say they just can’t keep up has shrunk.

Don’t plan a victory parade just yet; 53% of respondents worldwide tell us that keeping up with security requirements is harder than it was two years ago, and that’s still a lot. But the number in 2022 was 66%. Our own security experts, able to spot the dark lining in every silver cloud, note that 2022 didn’t have as many novel developments to throw security teams into disarray; no SolarWinds, no Log4J. “No iceberg for your organizational Titanic,” to quote them directly.

Whether this data represents incremental improvement or a onetime windfall, organizations should press any advantage. Which won’t be easy: Most security teams tell us they’re too stuck in reactive mode to be effectively proactive.

Drilling down, we asked the slim majority who say their job has gotten harder to tell us what’s making it harder. This subset’s top challenges:

  • The increasing sophistication of threats (according to 38%, ranking it No. 1 for the third straight year)
  • Security stack complexity (according to 30%)
  • IaaS and SaaS driving challenges in risk monitoring and management (29% and 28%, respectively)
  • Workload demands trapping teams in “react mode” (28%)

That last bullet is further reflected in several trailing responses. Respondents tell us that they are overwhelmed by the number of attacks (24%) and false positives (25%). Another 25% each say they struggle to hire or retain enough skilled staffers.

There are global variations in terms of struggle. Organizations in the Asia-Pacific region are five to seven percentage points more likely than the global average to say that it’s hard to monitor SaaS applications and to effectively analyze all security data. European respondents are less likely to voice that complaint, while North American orgs hewed to the worldwide average.

Price: FREE

About the Provider

Splunk Inc. is an American public multinational corporation based in San Francisco, California, that produces software for searching, monitoring, and analyzing machine-generated big data via a Web-style interface.


Cyberattacks, Cybersecurity, SaaS, vulnerabilities