Kaspersky: 98pct of Cybersecurity Experts Seek Improvements to Maximize Protection

Specifically, the majority of professionals believe there are "a few" or "some" areas that could be enhanced, while one in four advocates for significant upgrades. Such findings were revealed in the latest Kaspersky’s global survey.

A study titled "Improving resilience: cybersecurity through system immunity," conducted by Kaspersky, explored how organizations currently manage cybersecurity and how they are preparing for future challenges. This research surveyed 850 IT professionals responsible for cybersecurity in large companies across Europe, the Americas, APAC, Russia, and META. These respondents represented a diverse range of industries and organizational levels, offering a comprehensive view of current security postures and pain points.

The survey reveals that, despite high satisfaction levels—with 94pct of experts stating they are "satisfied" to "extremely satisfied" with their current protection—the desire for stronger and more adaptable defences remains widespread. Although only 6pct of respondents expressed dissatisfaction with their cybersecurity measures, most recognize the need for improvement. Specifically, 76pct believe there are "a few" or "some" areas that could be enhanced, while 22pct advocate for significant upgrades.

This trend is consistent in APAC, where 94pct reported being "satisfied" to "extremely satisfied" with their current protection. However, 79pct indicated “a few” to “some” areas could be improved while 20pct highlighted significant upgrades are necessary. 

Globally, when asked to identify the weakest aspects of their cybersecurity systems that they would like to improve, respondents pointed to various operational and technical challenges. The most common issues included: Manual processes consuming excessive time (30pct); Reactive protection lacking proactive threat detection (29pct); Shortage of skilled personnel (27pct); Complexity of managing disparate solutions (23pct). 

Obviously, the reliance on manual processes leads to increased operational overhead and delays in identifying and responding to threats, while the absence of proactive threat detection reduces the ability to prevent breaches before they occur. Most critical point is the management of a multiple of different security solutions as it leads to gaps in coverage, misconfigurations, and increased risk of oversight, as security teams struggle to maintain an integrated, effective defense across diverse systems. The fragmentation hampers swift response times and increases the likelihood of overlooked vulnerabilities, ultimately weakening the organization’s overall security posture.

Among other critical weak sides of their current cybersecurity systems noted by respondents were also high risks of systemic collapse following breaches (22pct), overly complex IT/OT environments (21pct), and outdated threat intelligence (20pct). Additional concerns included "alert fatigue" (18pct) and insufficient functionality of current solutions (17pct). These findings highlight the urgent need for streamlined, intelligent security tools to address these vulnerabilities effectively.

These global trends echoed in APAC where regional experts similarly identified key vulnerabilities in their cybersecurity systems. The most cited concerns include reactive protection lacking proactive threat detection (29pct), high risks of systematic collapse after breaches (27pct) and the challenge of managing disparate security solutions (26pct). Operational burdens also persist with manual processes consuming excessive time (24pct) and complex IT/OT environments (24pct) making it difficult to setup effective protection measures. 

As organizations worldwide strive to strengthen their cybersecurity posture, this research highlights that, alongside enhancing traditional cybersecurity solutions, vendors are working to develop innovative approaches: shifting from protecting inherently vulnerable software with applied security measures toward creating secure-by-design systems with innate resilience. Such systems are capable of safeguarding their core assets even when compromised, often with minimal or no additional cybersecurity spending.  

"More and more organizations are beginning to understand that modern challenges require not just strong protection but also a proactive and cohesive security strategy that strengthens every aspect of their digital landscape against potential breaches. That’s why it is essential for companies to adopt a transformative approach, integrating advanced threat intelligence and streamlined processes, and applying reliable, all-encompassing solutions to protect their assets while ensuring operational continuity and building customer trust," comments Alexander Kostyuchenko, Head of Technology Solutions Product Line at Kaspersky.

“We’re at a point of realisation; confidence alone doesn’t equate resilience. In Asia Pacific, many organisations are operating in environments that have grown fragmented, reactive and heavily manual over time. The inherited IT and cybersecurity architecture now stand in the way of an effective protection. This research confirms what we have been seeing on the ground, that true resilience will require not just better tools but better design thinking. It’s apparent that the future belongs to system that are secure-by-design, not secure by afterthought,” Adrian Hia, Managing Director for Asia Pacific at Kaspersky.

To enable comprehensive protection of all business assets and processes, Kaspersky experts recommend:  

• Use centralized and automated solutions such as Kaspersky Next XDR Expert. By aggregating and correlating data from multiple sources in one place and using machine-learning technologies, this solution provides effective threat detection and fast automated response. 

• Provide Security professionals with an in-depth visibility into cyberthreats targeting your organization. Kaspersky Threat Intelligence will provide your team with rich, meaningful and actual context across the entire incident management cycle and helps identify cyber risks in a timely manner.

• As an alternative to traditional cybersecurity, develop secure-by-design solutions and protect them at the code and architecture levels. Based on KasperskyOS, a Kaspersky’s operating system, your products can be inherently protected and can perform their critical functions even in an aggressive environment with no additional cybersecurity solutions.

To read the full report, please visit the website.