The overall state of cybersecurity in Belgium

The overall state of cybersecurity in Belgium 

The realm of cybersecurity is undergoing a notable transformation, with organizations worldwide witnessing a surge in budgets dedicated to fortifying their digital defenses. 

A recent survey conducted among CIOs, CISOs and senior IT Leaders in the Belgian industry reveals intriguing insights into the current state of cybersecurity, shedding light on trends, challenges, and initiatives that organizations are grappling with.

 

Rising Budgets and Integration of IT and Cybersecurity

One prominent trend is the upward trajectory of cybersecurity budgets. A staggering 79% of respondents anticipate a boost in their organization's cybersecurity budget, with 31% foreseeing a significant increase of over 10% compared to the previous year. 
Notably, these budgets encompass a broad spectrum, ranging from modest allocations to a substantial fifth of the overall IT spend. 

What's particularly interesting is the blurring line between IT and cybersecurity budgets, indicating a higher maturity level as organizations level the playing field between the two domains.

Cybersecurity budget

Structural cybersecurity understaffing and innovative solutions

Despite the increased budgetary allocations, organizations are grappling with a chronic cybersecurity staffing shortage. On average, a mere 7% of IT Full-Time Equivalents (FTEs) are dedicated to cybersecurity, highlighting a structural understaffing issue. 

To address this talent scarcity, organizations are adopting a two-pronged strategy. Firstly, outsourcing certain cybersecurity functions, such as Security Operations Centers (SOCs), to Managed Security Service Providers (MSSPs) provides relief. 
Secondly, responsibility for cybersecurity is being decentralized, with product teams assuming accountability. 

This decentralized approach is supported by the presence of security champions within product teams who act as proxies for the cybersecurity team, aiding in overcoming skill gaps.

Perceptions of cybersecurity and regulatory drivers

While respondents generally view cybersecurity as a positive force, there remains a perception, especially at the board level, that cybersecurity can be a hindrance or roadblock. This is often attributed to a lack of understanding regarding the security measures in place. 
Implementation of security measures, such as multifactor authentication and additional verifications, is met with resistance due to a lack of awareness and understanding among the workforce.

Regulations, particularly in heavily regulated sectors like Finance, play a significant role in shaping cybersecurity strategies. Recent directives, such as the European GDPR and NIS 2, have intensified the regulatory landscape, prompting organizations to refine their resilience strategies.

Challenges and initiatives

Top challenges in cybersecurity are multifaceted, with staffing issues, complexity in cybersecurity landscapes, supply chain challenges, and lapses in basic IT asset hygiene being key concerns. 
Notably, the challenge of Operational Technology (OT) security is currently perceived as less critical, but experts predict its importance will grow as these environments modernize.

Looking ahead, organizations are prioritizing key cybersecurity initiatives. Identity and Access Management (IAM) tops the list, followed closely by cyber resilience. With the rise in cyberattacks globally, resilience testing has become critical. Prevention strategies, such as security awareness training and DevSecOps, also feature prominently. 

Automation and efforts to circumvent the talent shortage are pivotal in driving these initiatives forward.

Cybersecurity challenges
Top cybersecurity initiatives

Conclusion

As organizations navigate the complex landscape of cybersecurity, the evolving trends and challenges outlined in this survey provide valuable insights. 
With rising budgets, a shift in perceptions, and a focus on strategic initiatives, businesses are adapting to the dynamic nature of cybersecurity to fortify their digital assets against an ever-growing threat landscape.

Cybersecurity Monitor 2023