How to prepare for evolving cybersecurity landscape | HCLTech
Home
Subscribe
Cybersecurity

Building resilience in the evolving cybersecurity landscape

HCLTech’s Global Cyber Resilience Study 2024-25 reveals emerging tech and partnerships as vital to strengthening cybersecurity strategies against evolving and sophisticated threats
 
4 minutes read
Nicholas Ismail
Nicholas Ismail
Global Head of Brand Journalism, HCLTech
4 minutes read
Share
Listen to article
Mute
30s Backward
30s Forward
Building resilience in the evolving cybersecurity landscape

In an increasingly digital world, cybersecurity is now firmly on the boardroom agenda.

However, despite this, delivering effective cybersecurity is as uncertain as ever, with global conflicts, economic headwinds and emerging technologies like generative AI (GenAI) creating new vulnerabilities and making organizations more prone to cyberattacks.

HCLTech’s latest cybersecurity research, which surveyed 1596 security leaders, explores this evolving landscape, including how organizations can better prepare themselves, emerging strategic priorities, the importance of managed service security provider partnerships and the role of the emerging technologies impacting the future of cybersecurity.

The cybersecurity landscape: A challenging outlook

The report found that in the past year, over half of security leaders (57%) faced the reality of a cyberattack, with North America (64%) and industries like Life Sciences and Healthcare (62%) experiencing the most targeted attacks. 

In EMEA, 57% reported similar incidents, while 51% in ANZ faced similar attacks. While Telecom, Media and Entertainment (59%) and Manufacturing (58%) were also particularly targeted.

The old adage is true; it’s not if but when an organization’s defenses are breached and in the last 12 months, cloud malware injections (47%), credential theft and API vulnerabilities were among the most common methods attackers used. In the face of this reality, it’s how organizations respond to cyberattacks that defines their security strategy.

Unfortunately, nearly three-quarters of security leaders reported moderate to severe difficulties in returning to normal operations. The question becomes how to turn a reactionary cybersecurity strategy to one that is proactive.

This is an uphill battle as the future looks no easier with 81% of leaders expecting to be hit again in the next 12 months, with AI-generated threats is the most pressing growing concern, according to 54% of respondents.

To overcome this, organization’s need to refocus, restrategize and reprepare, while addressing the long-existing gap between business and IT. The report found that this misalignment was a key reason (66%) hindering cybersecurity leaders from achieving full effectiveness and resilience.

A lack of cyber readiness, talent and communication 

Many organizations are still playing catch-up when it comes to cyber readiness. Only 48% of security leaders feel confident in preventing attacks, and 46% believe they are prepared to respond and recover effectively. The in-house expertise needed to tackle these growing threats is also lacking — just 35% of leaders say they have enough resources to deal with current cybersecurity risks. This is particularly concerning for sectors like Financial Services, Healthcare and Retail, where better incident response, governance, and communication practices are critical.

According to the report, cybersecurity leaders dedicate a significant portion of their time to governance and compliance. While this focus is vital, it can sometimes overshadow efforts to enhance communication with the Board and senior management. 

Effective communication about cybersecurity threats and successes is essential, yet many leaders face challenges in articulating their organization’s security posture to senior management. Notably, 61% of leaders emphasize the importance of providing regular updates to C-level executives and boards. 

HCLTech launches enterprise data security service in collaboration with Intel

Learn more

Strategic priorities, investments and outsourcing shifts

When it comes to aligning on strategic priorities to manage the evolving, growing threats, in the next one to two years, organizations are focusing on optimizing cybersecurity costs (48%), consolidating security platforms (43%) and embracing architecture like SASE and Zero Trust (43%).  Security leaders must carefully balance cost efficiency with operational effectiveness, ensuring that every investment directly contributes to a more resilient and agile cybersecurity posture. By prioritizing consolidation, automation and continuous risk assessment, organizations can not only optimize their budgets but also build a cost-effective, scalable security framework capable of tackling both current and future challenges.

With budgets expected to rise by an average of 11% in 2025 — led by North America with a 13% increase — investments are being funneled into improving compliance (84%), SOC automation (76%), incident response and building stronger cyber resilience (75%). Industries like Life Sciences, Healthcare and Financial Services are leading the way in these efforts.

To help realize these strategic priorities, 90% of organizations are turning to managed security service providers (MSSPs) to outsource key IT security activities and compensate for the lack of in-house expertise, resources and bandwidth. 

Despite a strong focus on cost optimization in cybersecurity, there is a shift to prioritizing capabilities and global scale, reflecting a more robust demand for high-quality, reliable outsourcing.

Looking ahead: Emerging technologies impacting cybersecurity

AI/GenAI, automation and Identity Access Management (IAM) are three critical technologies where cybersecurity leaders plan to further invest or optimize existing operations.

According to the report, the key drivers for investing in AI and GenAI solutions are ensuring compliance and regulation (55%), preventing data breaches (54%) and reducing costs (37%). However, there are challenges in implementing these solutions, such as difficulty integrating GenAI-based security technologies with legacy systems and a lack of in-house expertise.

In the case of cybersecurity automation, reducing costs (57%) remains the primary driver for continued investment, while improving user experience (63%) is the top motivator for optimizing IAM operations. By focusing on refining and scaling these technologies, organizations can enhance their security posture while achieving operational efficiency and resilience.

Dynamic cybersecurity and resilience are essential in a more dangerous world 

There is no doubt that the cybersecurity landscape is becoming more dangerous.

Cyberattacks are more frequent, less predictable and embracing technologies like GenAI to become increasingly successful.

In this challenging environment, organizations must prioritize decisive action to build resilience and adopt a dynamic approach to cybersecurity. The report found that by enhancing communication about cybersecurity with the C-Suite and board, closing the skills gap and ensuring every cybersecurity investment delivers real, measurable benefits, organizations can take a proactive approach to cybersecurity that enhances business productivity and supports the broader business goals.

Explore the smarter way to the cloud

Learn more

Get HCLTech Insights and Updates delivered to your inbox

Subscribe
Cybersecurity

Inspiring business confidence through dynamic cybersecurity

TAGS:
Cybersecurity
Share On
Copy link copy-link

Related Content

AI governance: Ensuring safe adoption of AI technologies
AI | September 5, 2024

AI governance: Ensuring safe adoption of AI technologies

Understanding the risks associated with AI and the need for secure, ethical and compliant AI implementations

Read the article
The importance of SASE in securing the modern enterprise
Cybersecurity | June 26, 2024

The importance of SASE in securing the modern enterprise

Secure Access Service Edge (SASE) has emerged as a critical component of securing modern enterprises in the hybrid era

Read the article
IAM consulting: A key priority on the CISO agenda
Cybersecurity | June 13, 2024

IAM consulting: A key priority on the CISO agenda

Sonal Srivastava, Global Lead for IAM Strategy, Consulting and Advisory at HCLTech, explores the role of IAM Consulting in safeguarding digital identities and navigating the threat landscape

Read the article

Latest Analyst Reports

Why we are the go-to partner for enterprises

Read more