European CISOs are facing headwinds in geopolitics and workforce retention. Making wise decisions is crucial in such turbulent times, which puts additional pressures on security pros. In our analysis of Forrester’s Security Survey results, we found that: 

  • While tech layoffs dominate the headlines, cybersecurity hiring remains strong. In 2022, Twitter, Meta, and Amazon were at the forefront of coverage on significant big tech workforce cuts. For some, the numbers are still growing due to cuts made this year. But if you look closely, earlier hirings were based on rushed decisions to meet the demand for digital services. RedHat only recently announced the decision to lay off 700 employees, with sales and engineering positions untouched. Forrester data shows that cybersecurity hiring rose in comparison to last year and the demand for cybersecurity skills is still high as cloud migration isn’t slowing down.   
  • Cloud security and managed security services remain the top investments. Cloud security investments remain stable, along with spending on managed security services. However, Forrester’s Security Survey, 2022, reveals that security pros are stretched thin and have to juggle many strategic priorities at the same time. Security leaders are increasing their investments in threat intelligence and addressing numerous security challenges. Given the popularity of hybrid/anywhere work in the past two years, identity and access management security is the key top strategic priority.  
  • Supply chain attacks are taking centre stage in 2023. Supply chain attacks got famous in 2021 – think SolarWinds and the Kaseya breach. According to Forrester’s Security Survey, 2022, supply chains are the top breach cause. Learning from news headlines, CISOs should now be accustomed to preparing for different scenarios that might be due to breached partners or third parties. But hindsight is a wonderful thing, and our survey results show that security pros recalibrate their strategies after a breach. Supply chain breaches can mean various things due to the plethora of possible smoke points. CISOs must focus on digging deeper to understand the true root causes of breaches and set themselves up for success in offensive efforts. 
  • It’s a cost-saving time, and CISOs want to know the ROI. We live in hard times, so do CISOs. Budget battles have become more complex as organizations are trying to get through the economic headwinds. According to Forrester’s Security Survey, 2022, security decision-makers use customer case studies with proven business metrics or a ROI as a primary source when making budget decisions. This trend follows our observations in the Q1 2023 earnings report, which highlights that CISOs frequently ask cybersecurity vendors to help them “save money.” Security pros should be transparent with vendors and use this time to their advantage to get the most out of their investments.   

To learn more about these data points and get advice, Forrester clients can read the full report here.