COVID-19 Pandemic Moves Organizations to Increase Cybersecurity Spending

Cisco | May 22, 2020

  • Coronavirus crisis creating new opportunities for cybercriminals, 70 percent of organizations are seeing the value of increasing their investments in cybersecurity solutions.

  • The challenge for many organizations is continuing to accomplish their security must-dos with significantly less resources.

  • It’s important for security providers to understand that their goal is to help an organization maintain security continuity during this period, not to replace their teams long term.


With coronavirus crisis creating new opportunities for cybercriminals, 70 percent of organizations are seeing the value of increasing their investments in cybersecurity solutions. According to a LearnBonds.com report, besides boosting their cybersecurity spending, as the top IT priority this year, around 55 percent of major organizations will boost their investments in automation solutions, revealed HFS Research survey conducted in April. Smart analytics, hybrid or multi-cloud and artificial intelligence follow, with 53 percent, 49 percent and 46 percent of those bodies asked naming them as their leading IT investments this year. The statistics show spending on augmented and virtual reality technology, blockchain and edge computing is under pressure this year, with just 32 percent, 30 percent and 27 percent of enterprises planning to increase their spending on these technologies in 2020.


Though recent years have witnessed a surge in the use of artificial intelligence, helping businesses to improve their efficiency, quality and speed, statistics show artificial intelligence solutions are set to witness a massive drop in spending this year, with 23 percent of major enterprises planning to cut their investments on these technologies. Blockchain follows with an 18 percent share among those asked downsizing their IT budgets. However, data revealed IT vendors are much more optimistic about their clients spending on AI technology, with 59 percent of respondents expecting increased investments this year. Jack Mannino, CEO at nVisium, says, “The challenge for many organizations is continuing to accomplish their security must-dos with significantly less resources.



Learn more: SINGLE LAYERS OF SECURITY AREN’T ENOUGH TO PROTECT YOUR ORGANIZATION’S DATA .
 

"Employees working from home are using their personal mobile devices to connect to home networks, which means traditional perimeter-based security tools no longer provide visibility or control for security teams. CISOs are adapting to provide endpoint security to all devices in this new normal, to enable teams and organizations to get back to business."

~ Cisco Team


Relying on a pool of trusted security partners is critical, as niche skills or deep expertise may come from external sources when internal headcount is constrained. Historically, companies have increased their security outsourcing in periods where it’s hard to justify increasing or maintaining internal head count. It’s important for security providers to understand that their goal is to help an organization maintain security continuity during this period, not to replace their teams long term.” Budgets will have more scrutiny than ever before, however, a risk-based approach is still required. Non-essential spending should be pushed back, but it would be foolish to stop mitigating risks in the near term.

"CISOs were focused on endpoint protection for traditional work devices like laptops. In a remote work world, cybersecurity tools must protect all devices employees connected to corporate cloud data - in particular mobile devices,"


Historically, cybersecurity is a sector where spending still occurs, even when the economy dips. There are risks to smaller and emerging firms, but sales revenue and the amount of capital raised provides resilience. To avoid going under, startups must have enough funds to cover operating expenses over the next few months to survive the COVID-19 storm.” Steve Durbin, managing director of the Information Security Forum, cautions about organizations reducing their cyber workforce at a vulnerable time. “It is more likely that businesses will be exposed because they neither have in-house, nor external access to the necessary skills to deliver their business operations with a remote workforce. I don’t see a short term altering of spending, but clearly this will come for many organizations as the COVID-19 crisis continues. It would extremely short sighted for business leaders to reduce cybersecurity staff and budget at a time when the majority of the workforce is critically dependent on cyber to function.


Fausto Oliveira, Principal Security Architect at Acceptto, agrees reducing cybersecurity and IT staff would affect the well-being of systems in place and the security of remote workers. “Losing cybersecurity and IT staff increases the risk of a successful attack during the COVID-19 pandemic and may impair the ability of a company to sustain the large volume of remote workers. MSSPs are certainly a good choice when the financial cost of the cybersecurity function exceeds what the company can afford. I imagine that if the current scenario of personnel working from home remains in place for the long-term, then we will see a surge in the usage of MSSPs to address security gaps and act as a virtual cybersecurity function.” Bob Stevens, Vice President, Americas at Lookout, warns the move to a remote workforce has changed the security attack surface for every organization.


Learn more: HOW CSOS CAN PROTECT USERS FROM PHISHING ATTACKS RELATED TO COVID-19 .
 

Spotlight

"Organizations of all sizes and types find a lot to like about cloud computing,
including greater operational efficiencies and lower costs than with
traditional IT deployments. However, many still have lingering concerns
about reduced visibility into cloud infrastructure, less control over security
policies, new threats against shared environments and the complexity
of demonstrating compliance."

Spotlight

"Organizations of all sizes and types find a lot to like about cloud computing,
including greater operational efficiencies and lower costs than with
traditional IT deployments. However, many still have lingering concerns
about reduced visibility into cloud infrastructure, less control over security
policies, new threats against shared environments and the complexity
of demonstrating compliance."

Related News

SOFTWARE SECURITY

Camera Cyber Security Specification and Alliance Council for App Developers are announced by the Open Security & Safety Alliance.

Open Security & Safety Alliance | March 03, 2021

The Open Security and Safety Alliance, an industry body contained partners from all aspects of the security, wellbeing and building mechanization space, today declared two significant advancements as a component of its main goal to clear the street towards dependable and imaginative security and wellbeing arrangements. Initial, another particular is currently accessible to individuals that centers around camera network protection measures. OSSA likewise presents another App Developer Council intended to pull in and include application designers in the Alliance's steadily developing environment of security and wellbeing industry players. Executing Trustworthiness Thresholds The most current specialized particular – the OSSA Camera Cyber Security Specification – contains definitions and rules in regards to obligatory and discretionary security judgments for cameras. It is to a great extent dependent on a current norm by the International Electrotechnical Commission (IEC), with an extra clear spotlight on the security market and OSSA reasoning by straightforwardly splitting the jobs and duties between camera producers, the working framework (OS) supplier and the framework on-chip (SoC) merchant, specifically. The determination additionally endorses duty changes in case of individual OS alterations by camera producers. The compulsory piece of these rules will be utilized as contribution for the impending OSSA certificate system. The OSSA-coordinated environment is intended to improve trust, empower development past the constraints of a solitary association, and fuel opportunity for industry partners and clients.

Read More

Executive Overconfidence is a security risk that Netsparker Research finds

prnewswire | October 13, 2020

Netsparker, the leading enterprise dynamic application security testing (DAST) solution, teamed up with Dimensional Research to understand the maturity and effectiveness of web application security in organizations worldwide. Security professionals from 382 organizations across the globe responded to the survey, with roles spanning development, DevOps, and C-suite. Netsparker analyzed the findings and today released a report, "New Vulnerability Found: Executive Overconfidence."

Read More

SOFTWARE SECURITY

Radware Expands its Partnership with Presidio

Radware | March 21, 2022

Radware, a global leader of cyber security and application delivery solutions, today announced that it has signed a multi-year agreement to expand its partnership with Presidio, Inc, a global digital services and solutions provider that helps businesses modernize their security technology. Presidio is expanding its cyber security package to include Radware's application and API security solutions, bots management, DDoS protection, and Cloud Native Protector to secure its clients' on-premise, cloud, and hybrid infrastructures. “Preparation to protect against cyberattacks is more critical than ever before, and we help our customers every step of the way. Through this partnership, we are combining Radware’s industry leading technology along with our team’s extensive expertise to create a force in fighting emerging cyber threats.” Chris Cagnazzi, senior vice president and general manager at Presidio For applications hosted in cloud settings, Radware delivers 360-degree, real-time security. Radware defends the application surface against malicious traffic as well as the underlying cloud infrastructure against intrusion. Radware offers a web application firewall (WAF), bot management, API security, and DDoS protection for application security. The security is built on proprietary behavioral-based algorithms that learn genuine behavior traffic patterns and then differentiate between harmful and legal traffic to provide a greater degree of protection with reduced false positives. Radware's Cloud Native Protector provides comprehensive, multi-layered workload protection against cloud-native threat vectors for cloud workload security. Glitches in the cloud, excessive permissions, malicious conduct, and other issues fall under this category. Bob Simpson, vice president of North American sales at Radware said that “As one of the leading AWS service providers, Presidio has built an industry reputation as a trusted advisor. Customers trust what they bring to the table. We look forward to continuing to work with Presidio to provide state-of-the-art protection to their customers and through the AWS Marketplace.” Radware's solutions continue to be recognized throughout the industry. Radware was ranked second among 11 providers for API security and high security use cases in Gartner's 2021 Critical Capabilities for Cloud Web Application and API Protection report. In their research "The Forrester Wave: DDoS Mitigation Solutions, Q1 2021," Forrester named Radware a worldwide leader. In its 2021 SPARK Matrix: Bot Management report, Quadrant Knowledge Solutions named Radware the leader. Customers, as well as the industry, recognize Radware's technological competence. In the Gartner Peer Insights "Voice of the Customer:" Web Application Firewall report for 2021, Radware was named a Customers' Choice.

Read More