23 January 2023

5 min read

Cyber security worries around hybrid working drop in 2022

Cyber security worries around hybrid working

23 January 2023 - London

Cyber security worries around hybrid working drop in 2022, but 35% of IT leaders still concerned over cyber skills gap, reveals S-RM data.

  • 37% of organisations in 2022 still report cyber security concerns around hybrid working, down from 46% in 2021.
  • Over a third of senior IT leaders in 2022 (35%) consider a lack of employee cyber skills and expertise to be a key challenge.

Leading global intelligence and cyber security consultancy S-RM has today revealed in its Cyber Security Insights Report that there has been a drop in concern around the cyber security threats posed by hybrid working. However, a significant proportion (35%) of IT leaders say they are concerned over a cyber skills gap among employees.


The report, which draws on data from 600 C-suite and IT budget holders from organisations with revenue over USD $500m, found that 37% of organisations reported concerns around hybrid working – a drop from 46% in 2021. This may be in part due to growing awareness of cyber security threats among employees. When asked about the biggest cyber security challenges their organisation faced, just 31% of respondents 'perceived lack of importance from employees in 2022'. While there is still a way to go, this figure is down from 36% in 2021.


Despite growing awareness among employees, the cyber skills gap still remains an area of vulnerability. Over a third of senior IT leaders and C-suite holders in 2022 (35%) highlighted a lack of cyber skills and expertise as a key challenge facing their business when it comes to cyber security defence and incident management – a figure that rose to 42% within the financial services industry. These statistics support the ongoing industry discussion about the difficulties of attracting and retaining the best talent.


The report also illustrated that businesses with more mature cyber security policies prioritise different challenges than less experienced companies. Businesses where senior leaders viewed the company’s cyber security as ‘very mature’ were more likely to consider compliance and unsophisticated or outdated cyber security tools as their key challenges (37% and 33%).


Comparatively, companies describing themselves as 'somewhat mature' were less likely to identify these as key challenges (25% and 26%) but rather identified a lack of skills and expertise (38%) as well as a lack of internal training (33%) as their main issues to their business – highlighting again the worries over the skills gap amongst decision makers .


Jamie Smith, Board Director at S-RM said:

While we have found that more companies are now adjusting to hybrid working and viewing it as less of a risk, it is clear that cyber security challenges are continuously evolving and 2023 will bring fresh risks to consider."

One of the biggest protective measures companies can take over cyber security threats is to build a resilient workforce, and a positive takeaway from our report is that we are seeing more employees take more notice of security threats.” 


Paul Caron, Head of Cyber Security, at S-RM said:

Our report finds some great progress in cyber security maturity across a slew of industries but there is still a significant skills gap evident in the workforce. This is a perennial problem for the sector: how to attract and retain the best talent, to win the knowledge, skills, and technology arms race between threat actors and private businesses."

It is crucial, for businesses to continue to invest in high quality cyber security training in order to both attract this talent and firm up their own defences by closing this skills gap.”  

Further detail on the full report can be accessed on the S-RM website, here.


The S-RM Cyber Security Insights Report 2022 follows on from our 2021 report, Investing in Cyber Resilience: Spend, Strategy and the Search for Value, where we seek to understand the specific cyber security challenges faced by C-suite leaders and senior IT decision makers.

For the report S-RM again surveyed 600 C-suite and IT budget holders from organisations with a revenue over USD 500m. With two years’ worth of data, S-RM was able to analyse the year-on-year changes in the types of incidents experienced by large organisations and their attitudes and approaches to spending on cyber security. This year, in the context of a well-publicised hard market, survey participants were also asked for their views on cyber insurance.

Further detail on the full report can be accessed on the S-RM website, here.

For further information, please contact

Media Enquiries
Tom Stewart-Walvin
+44 (0)7855 689 302

About S-RM

S-RM is a global intelligence and cyber security consultancy. Founded in 2005, it has 400+ experts and advisors across nine international offices. Headquartered in London, S-RM has offices in Cape Town, Hong Kong, London, Manchester, New York, Rio, Utrecht, Washington DC and Singapore.


About Vanson Bourne

Vanson Bourne is an independent specialist in market research for the technology sector. Their reputation for robust and credible research-based analysis is founded upon rigorous research principles and their ability to seek the opinions of senior decision makers across technical and business functions, in all business sectors and all major markets.

For more information, visit www.vansonbourne.com

Share this post

Subscribe to our insights

Get industry news and expert insights straight to your inbox.