81% of Security Professionals Identify Phishing as the Top Threat in 2024

The 2024 Fortra State of Cybersecurity Survey uncovers the key security challenges and opportunities for organizations this year 

Posted on January 17, 2024

MINNEAPOLIS – January 18, 2024 – Global cybersecurity software and services provider Fortra today published the findings from its inaugural 2024 Fortra State of Cybersecurity Survey. The research uncovers the challenges security professionals have faced over the past year, as well as what they plan to focus on next as they continue to embrace digital transformation, new hybrid infrastructure, and tackle a challenging security landscape. 

Hybrid Environments Lead to Disparate Challenges and Priorities  

The survey found that most organizations anticipate phishing (81%), malware and ransomware (76%), and accidental data loss (63%) will be the top security risks over the next six months, followed by social engineering (55%) and third-party risks (52%).  

To address these threats, security professionals’ top five cybersecurity initiatives for this year are: limiting outsider threats (such as phishing and malware) (74%), finding and closing security gaps (73%), improving security culture (66%), securing the cloud (63%), and compliance (62%). 

“While these may seem like disparate concerns, they can all be traced back to the headlong rush to the cloud,” explains Antonio Sanchez, Principal Cybersecurity Evangelist. “The impacts of this rapid migration – weak policies, poor container security, misconfigurations, and gaping security holes – came home to roost in 2023 and the consequences will still be playing out this year.” 

Sanchez continues: "Now, the top focus is on improving controls and processes around phishing and malware followed by identifying the latest attack vectors for hardening. Security leaders know that improving security awareness has a direct correlation to improving phishing and malware defenses, so they have made improving security culture a top initiative as well. Improving security culture should also free up resources so they can focus on cloud security as organizations continue to adopt cloud-first and cloud-preferred strategies." 

In line with this, 64% of respondents in Fortra’s survey reported having a hybrid environment, while 19% were cloud-first, and 12% were cloud-only. The 6% who said they had no plans to move to cloud cited security concerns as the reason to not make the jump (77%). 

Skill Shortages and the Increasing Role of Managed Security Services 

The research also explored the hurdles hindering the execution of security strategies, with budget limitations (54%), the constantly changing nature of threats (45%), and lack of security skills (45%) topping the list. In addition, the survey revealed that while everyone is seeking to implement principles of zero trust, a quarter said they aren’t planning to due to insufficient resources. 

Commenting on execution challenges, Wade Barisoff, Director of Product, Data Protection said: “These challenges have contributed to the creation of a very transient cybersecurity culture. In particular, the skills gap means everyone has to wear many hats – analysts are required to be experts in multiple security domains as well as cloud – and consequently, no one is an expert.” 

Many organizations are aware that upskilling needs to occur to strengthen their security position, with 67% saying they are focusing on improving the skills of their staff. Organizations are also leaning into managed security services to offload some of the weight. The most popular areas to offload being: email security and anti-phishing (58%), vulnerability management (52%), data protection (51%), and compliance (40%). 

Explaining this shift, Josh Davies, Principal Technical Manager said: "Burnout is one trend that’s causing skilled people to leave organizations or transition into roles with more targeted responsibilities. This puts additional stress on the remaining staff as they must still deliver the required outcomes with fewer headcount. We are seeing increased adoption in managed security services to relieve a portion of their operational burden." 

Report Methodology/Respondent Profile 

The 2024 Fortra State of Cybersecurity Survey canvassed opinions from over 400 security professionals within 40 different industries across the U.S., Europe, Canada, Asia, the Middle East, Latin America, the Caribbean, Australia, and New Zealand. It provides an essential industry temperature check at a critical juncture in organizations’ digital transformation journeys, whereby leaders are planning security for their new hybrid infrastructure that meets the productivity needs of distributed workforces. 

Find out more about the shifting cybersecurity landscape by reading Fortra’s full report here

About Fortra 

Fortra is a cybersecurity company like no other. We're creating a simpler, stronger future for our customers. Our trusted experts and portfolio of integrated, scalable solutions bring balance and control to organizations around the world. We’re the positive changemakers and your relentless ally to provide peace of mind through every step of your cybersecurity journey. 

©Fortra, LLC and its group of companies. All trademarks and registered trademarks are the property of their respective owners.   

Media Contact:

[email protected]