COVID-19 Pandemic Moves Organizations to Increase Cybersecurity Spending

• Coronavirus crisis creating new opportunities for cybercriminals, 70 percent of organizations are seeing the value of increasing their investments in cybersecurity solutions.

• The challenge for many organizations is continuing to accomplish their security must-dos with significantly less resources.

• It’s important for security providers to understand that their goal is to help an organization maintain security continuity during this period, not to replace their teams long term.

With coronavirus crisis creating new opportunities for cybercriminals, 70 percent of organizations are seeing the value of increasing their investments in cybersecurity solutions. According to a LearnBonds.com report, besides boosting their cybersecurity spending, as the top IT priority this year, around 55 percent of major organizations will boost their investments in automation solutions, revealed HFS Research survey conducted in April. Smart analytics, hybrid or multi-cloud and artificial intelligence follow, with 53 percent, 49 percent and 46 percent of those bodies asked naming them as their leading IT investments this year. The statistics show spending on augmented and virtual reality technology, blockchain and edge computing is under pressure this year, with just 32 percent, 30 percent and 27 percent of enterprises planning to increase their spending on these technologies in 2020.

Though recent years have witnessed a surge in the use of artificial intelligence, helping businesses to improve their efficiency, quality and speed, statistics show artificial intelligence solutions are set to witness a massive drop in spending this year, with 23 percent of major enterprises planning to cut their investments on these technologies. Blockchain follows with an 18 percent share among those asked downsizing their IT budgets. However, data revealed IT vendors are much more optimistic about their clients spending on AI technology, with 59 percent of respondents expecting increased investments this year. Jack Mannino, CEO at nVisium, says, “The challenge for many organizations is continuing to accomplish their security must-dos with significantly less resources.

Learn more: SINGLE LAYERS OF SECURITY AREN’T ENOUGH TO PROTECT YOUR ORGANIZATION’S DATA .
 

"Employees working from home are using their personal mobile devices to connect to home networks, which means traditional perimeter-based security tools no longer provide visibility or control for security teams. CISOs are adapting to provide endpoint security to all devices in this new normal, to enable teams and organizations to get back to business."

~ Cisco Team

Relying on a pool of trusted security partners is critical, as niche skills or deep expertise may come from external sources when internal headcount is constrained. Historically, companies have increased their security outsourcing in periods where it’s hard to justify increasing or maintaining internal head count. It’s important for security providers to understand that their goal is to help an organization maintain security continuity during this period, not to replace their teams long term.” Budgets will have more scrutiny than ever before, however, a risk-based approach is still required. Non-essential spending should be pushed back, but it would be foolish to stop mitigating risks in the near term.

"CISOs were focused on endpoint protection for traditional work devices like laptops. In a remote work world, cybersecurity tools must protect all devices employees connected to corporate cloud data - in particular mobile devices,"

Historically, cybersecurity is a sector where spending still occurs, even when the economy dips. There are risks to smaller and emerging firms, but sales revenue and the amount of capital raised provides resilience. To avoid going under, startups must have enough funds to cover operating expenses over the next few months to survive the COVID-19 storm.” Steve Durbin, managing director of the Information Security Forum, cautions about organizations reducing their cyber workforce at a vulnerable time. “It is more likely that businesses will be exposed because they neither have in-house, nor external access to the necessary skills to deliver their business operations with a remote workforce. I don’t see a short term altering of spending, but clearly this will come for many organizations as the COVID-19 crisis continues. It would extremely short sighted for business leaders to reduce cybersecurity staff and budget at a time when the majority of the workforce is critically dependent on cyber to function.

Fausto Oliveira, Principal Security Architect at Acceptto, agrees reducing cybersecurity and IT staff would affect the well-being of systems in place and the security of remote workers. “Losing cybersecurity and IT staff increases the risk of a successful attack during the COVID-19 pandemic and may impair the ability of a company to sustain the large volume of remote workers. MSSPs are certainly a good choice when the financial cost of the cybersecurity function exceeds what the company can afford. I imagine that if the current scenario of personnel working from home remains in place for the long-term, then we will see a surge in the usage of MSSPs to address security gaps and act as a virtual cybersecurity function.” Bob Stevens, Vice President, Americas at Lookout, warns the move to a remote workforce has changed the security attack surface for every organization.

Learn more: HOW CSOS CAN PROTECT USERS FROM PHISHING ATTACKS RELATED TO COVID-19 .