Governance, Risk and Compliance

UK cybersecurity managers question speed-focused certification programs

As outlined in Tech Radar, a significant majority of UK cybersecurity managers are skeptical about the credibility of cybersecurity certification programs that prioritize speed over genuine resilience. New research indicates that rapid, automated compliance processes may be creating a false sense of security, with certifications alone not guaranteeing robust defenses.

Research from IO reveals that 87% of UK cybersecurity managers doubt the credibility of speed-focused certification programs. The study found that 31% of respondents consider continuous controls monitoring the strongest indicator of compliance resilience, while 21% believe certifications can quickly become obsolete after an audit. The findings highlight a concern that certifications like ISO 27001, while useful for contracts, do not inherently guarantee operational resilience.

Experts emphasize the critical role of human oversight, with nearly half of respondents stating that human involvement is essential for validating automated compliance recommendations and interpreting complex regulations. Furthermore, 32% stressed the importance of human validation for compliance evidence generated by automated systems, underscoring the need for a balanced approach that combines automation with human expertise.

Source: Tech Radar
