Why cybersecurity leaders should focus on spend, people, and technology (in that order)
The cybersecurity industry faces greater challenges than ever. The number of publicly reported data breaches continues to rise, in part due to massive work-from-home migration and the use of specific technologies to support it. While cybersecurity continues to be a priority for most organizations, they are unhappy with the state of their programs, which is reflected in increasing security budgets.
These budget increases and efforts to address evolving threats are critical for cybersecurity decision makers. They provide the opportunity to see what the competition is doing to stay ahead as 2022 approaches.
We surveyed over 100 cybersecurity professionals on the state of the industry and here are four key challenges executives will face in the coming months:
1. Budget growth and allocation
We know cybersecurity budgets are increasing. Gartner estimates that global IT spending will reach $4.4 trillion in 2022, up 5.3% compared to 2021. How do leaders distribute these slowly but constantly growing budgets? Is there a difference in the way companies of disparate sizes allocate their security dollars?
One of the biggest hurdles in budgeting for cybersecurity is deciding whether to nest security funds into the IT budget or keep them as separate items. Regardless, around 40% of organizations spend the equivalent of 10-15% of their IT budgets on cybersecurity.
About 80% of budgets are divided into four categories:
- Monitoring and operations
- Endpoint and network security
- Identity and access management
- Enforcement and data protection
Another key consideration is cybersecurity staffing. While 40% of organizations do not hire contractors due to the highly sensitive nature of cybersecurity work, our research found that 56% of companies now outsource up to a quarter of their cybersecurity staff.
It has become increasingly difficult to find the right talent when there are already millions of vacancies in the industry around the world, and almost 500,000 in the United States alone. This cut-throat recruiting landscape will likely require a creative re-imagining of organizational budgets to capture the right talent as competitors ramp up their recruiting efforts at the same time.
2. Growing threats and how to deal with them
Our research found that almost all technology leaders have reported an increase or plateau in cyber incidents, with the majority having faced at least one incident in the past year. Data breaches cost businesses an average of $4.24 million and often take months to detect. Other data shows that companies lose around 5% of their stock price after a data breach is disclosed and around 22% after a ransomware attack. Malicious actors know these numbers and are motivated to continue stepping up attacks and adding new weapons to their arsenals.
While more traditional forms of attack like simple phishing emails continue to be popular, hackers are now ramping up the frequency of ransomware to extract millions from a growing group of targets. In the first half of 2021, 1,097 organizations suffered ransomware attacks, up from 1,112 for all of 2020. Several of them, like the Colonial Pipeline hack, have been extremely destructive.
Organizations are sharply divided on how to handle ransomware attacks. Of the companies we surveyed, about two-thirds do not have a dedicated budget to handle these attacks, and of these, very few reported making payments. Small businesses are less likely to have a solution, while only 10-12% of businesses with more than 1,000 employees have no solution. When organizations implement a ransomware-focused solution, it is typically paired with another product or service.
Security leadership must take into account that there will always be new waves of attacks concentrated in different formats as attackers broaden their horizons. This defines success as being able to plan and pivot to emerging areas of concern regarding potential incidents and responses.
3. Rebalancing program for remote and hybrid work
The shift to remote working has created significant upheaval among cybersecurity leaders as they lose the advantage of restricting critical information to the physical premises of an organization. There is something to be said for employees interacting with work only or primarily through devices linked to the office.
Now that employees are more dispersed, the issue of compromised credentials and other employee risks is rushing to the fore. We found that around 60% of executives reported compromised user credentials and an additional 50% experienced malware or security policy violations.
As remote work incidents continue to grow, what should be done when planning a cybersecurity program? Leaders will need to re-evaluate the effort and prioritization given to measures such as solid employee training as well as follow-up solutions, based on their available budgets and the threats they face from external actors.
4. Identify the most effective cybersecurity solutions
There is now almost unanimous agreement that excellence in cybersecurity can only be achieved with the help of third-party solutions. There are simply too many angles of attack, an increasing frequency of attacks, and stakes that just keep getting bigger. However, solution providers understand this too, and it has led to uncontrolled growth in the number of vendors from which executives must choose.
Because the vendor landscape has become so crowded and difficult to sift through, many security managers find their preferred solutions through word of mouth. While it’s a great idea to narrow down the options based on what has worked for similar businesses, due diligence is still a must when selecting a product that can make or break a company’s security goals. To this end, best practices require executives to assess vendor offerings on four dimensions:
- Ease of implementation and management
- Maturity of the global solution
- Integration with existing infrastructure
- Flexibility and value
The best solution isn’t necessarily the most expensive, and it takes more work than many executives realize to strike the right balance between features and available budget.
Make smarter decisions with data
To know what success looks like, it’s more crucial than ever for cybersecurity decision-makers to rely on high-quality data about what competitors and industry leaders are doing to address the most important challenges of 2022. By digging into the numbers and finding out what works and what doesn’t, those tasked with creating a functioning cybersecurity program can avoid sailing in the dark and find the information that sheds light on the future.