UK businesses have suffered a 25% increase in cyber incidents in the last year with budgetary constraints hamstringing cyber strategies. That\u2019s according to the Security\u2019s Lament: The state of cybersecurity in the UK 2023 report from iomart and Oxford Economics, which surveyed 500 UK executives responsible for their organisation\u2019s cyber strategy. The report found that, despite spending more than \u00a340,000 a year on cybersecurity protection, more than a quarter (27%) of organisations think their cybersecurity budget is inadequate to fully protect them from growing threats.\n\nLast week, a study by IANS Research discovered that many CISOs have seen approved 2023 budgets slashed as part of overall budget tightening. The study surveyed 550 CISO respondents within the period of April to August, revealing a general downtick in the allocation of funds for cybersecurity across sectors with a 65% fall in budget growth in the 2022-2023 budget cycle.\n\nTight budgets a top barrier in meeting cybersecurity goals\n\nIn the iomart\/Oxford Economics report, phishing (56%) and malware (55%) were cited as the threats of greatest concern to executives, with less than half confident in their organisation\u2019s ability to in handle them. Fewer still (25%) have confidence their ability to deal with ransomware.\n\nTo respond, organisations have spent an average of \u00a340,190 on vulnerability assessments, penetration testing, or red team engagements to improve their cyber postures. However, many are aware that this isn\u2019t enough, with tight budgets cited as not only a barrier in meeting cybersecurity goals but also a cause of blind spots in businesses\u2019 cyber strategies, according to the report. Meanwhile, rising cyber insurance premiums only stress budgets further, with 70% of businesses noting an increase over the last two years, the report found.\n\nKnowing where to invest budgets has proven difficult too, with the research indicating that almost 40% of executives have trouble sorting through the \u201cnoise\u201d created by the sea of technology offerings and security players in the market to find the best fit for their organisations needs and budgets. What\u2019s more, while almost all respondents have invested in new security products, only half think their investments have been effective.\n\nContrasting security budget data paints conflicting picture\n\nIn contrast to the iomart\/Oxford Economics research, a report published last month by Team8 found that most organizations are increasing their cybersecurity budgets with CISOs planning to widen spending on identity and access management (IAM) and cloud security services. Team8\u2019s 2023 CISO Village Survey, which quizzed 130 global CISOs on a variety of security issues indicated that, along with expected increases in IAM and cloud security spending, CISOs are looking for improved third-party risk management, AI security, and human error\/insider risk reduction solutions.\n\nSeparate research published in June also suggested that security budgets are increasing but missing the mark with knee-jerk reactions and impractical expectations hampering the ability of CISOs to make business-critical security investments. The research came from risk and cybersecurity solutions provider BSS, which surveyed 150 security leaders, indicating that misguided expectations of budget holders regarding security spend are causing problems for CISOs despite notable budget hikes.