Cybersecurity and Resilience: The State of Affairs in 2024

Marc Guardiola CTO

5 July 2024

Cybersecurity and Resilience: The State of Affairs in 2024

At Solvinity, we are always committed to ensuring the security of IT environments. This year, we delved into the challenges and trends surrounding cybersecurity by conducting an extensive survey among IT professionals in the Netherlands. I was particularly struck by the different outcomes for users of various company sizes: 200-499 employees, 500-999 employees, and 1000 or more employees.

1000 or more employees: the frontrunner in security methods

One of the most notable findings from our research is the extensive use of various security methods by organizations with more than 1000 employees. This is likely because these organizations have a more mature approach to security. Additionally, the costs of security measures do not always scale proportionally with company size; larger organizations can often implement measures more efficiently.

500-999 employees: caught in the middle

This group of respondents falls between large and small companies in several areas (logically), yet a few things stand out. This group is most concerned about malware and DDoS attacks. Perhaps this is because they have reached a size that makes them an attractive target, but lack the budget to adequately address these threats. This group is also by far the best at patching: in 24.4% of cases, patches are installed within a few hours. Perhaps the company is large enough to professionalize and automate the patching process, but not so large that the process is slowed down by legacy systems and overly complex structures.

"De aanvallers worden steeds slimmer, de lat voor beveiliging ligt dus ook steeds hoger."

200-499 employees: is cybersecurity becoming too complex?

This is the group that worries me the most. Respondents indicate that there is insufficient budget, and this group is also the least resilient to cyberattacks. They struggle the most with the thorough implementation of security measures.

These issues are all related, of course; without sufficient budget, it is simply difficult to implement all the necessary measures. This indicates that cybersecurity has become quite complex. Attackers are getting smarter, so the bar for security is also getting higher. Additionally, there is more and more legislation that must be complied with.

Conclusion

It is clear that the increasing demands and regulatory pressure are becoming a real problem, especially for smaller organizations. The costs of all measures do not scale proportionally with company size. For measures where the costs for a small company are not much lower than for a large company, the smaller company is disproportionately affected. To compensate, the available IT budget for organizations with 200-499 employees should be proportionally much higher than for organizations with 500-999 employees, but we do not see this reflected. This is logical, as the budget simply is not there. The research shows that these smaller organizations do outsource a bit more, but perhaps this needs to be significantly increased to improve efficiency and reduce costs. It is important to remember that the organization remains responsible. Keep your finger on the pulse!

No one-size-fits-all

The survey reveals that there is no one-size-fits-all solution for cybersecurity. Different organizations face different challenges. Every environment, whether public, private, hybrid, or on-premise, has its own unique challenges and requirements. What is clear is that a holistic approach and regular testing are crucial to increasing resilience against cyberattacks. At Solvinity, we remain committed to helping organizations navigate this complex landscape and providing them with the best security solutions.

Click here for more information about our research and our services or contact one of our experts. Together, we can work towards a more secure digital future.