Last year saw a tremendous shift in security priorities following enterprises’ response to the pandemic. The good news is, business leadership is now paying more attention to information security. The bad news is, enterprise security teams have a lot of work ahead.
According to a survey conducted by IDG on behalf of integration services provider Insight Enterprises, the shift to protect remote workers forced many organizations to back-burner their longer-term security initiatives.
The survey polled 213 users at organizations with 1,500 or more employees, representing a cross-section of vertical industries. In the effort to protect their suddenly-larger population of remote workers, the majority of companies shifted their focus to a handful of initiatives to better protect those workers, according to the survey. These initiatives included threat visibility/identification (73%), incident response (70%), network security (68%), endpoint security (67%), application security (67%), malware protection (64%) and identity and access management (55%).
Ken Swick, senior security consultant at Manchester, UK-based security services provider NCC Group, says those are the kinds of investments he’s seeing in the field. “More organizations are improving their incident response programs, including implementing incident response tabletop exercises,” he said. “They’re creating playbooks for specific types of incidents, and also improving their communication plans for internal and external reporting requirements,” he added.
The survey also found that 91% of organizations plan to increase their cybersecurity budgets in 2021. A survey released in early February by managed cloud services provider Syntax found that 56% of the 500 U.S.-based IT decision-maker respondents polled will allocate 40% of their IT budgets to cybersecurity this year.
But the shift came at a price, as more comprehensive and long-term security initiatives became lower-priority, including identity governance, zero trust, data analytics, AI/machine learning and SASE implementations, according to the survey.
The report, dubbed Cybersecurity at a Crossroads: The Insight 2021 Report, report found 78% of respondents lack confidence in the security of their organization, with the lowest confidence levels reported with regard to their security roadmap (32%), security-related technology and tools (30%) and internal teams and skill sets (27%). They reported the highest level of trust in their company’s data management strategy, but even then, less than half (45%) voiced confidence in this aspect of security operations, the survey showed.
A big challenge is the lack of personnel, the report concluded, which meant things like data security risk assessments were not done at many organizations. Interestingly, only 27% of respondents increased their IT security staff last year. This year, 41% plan to increase their staff.
Interestingly, 55% of respondents said that their company’s lack of automation is the top challenge in security operations and management. The report’s authors conclude that this is hindering respondents’ ability to respond to security events and systems management notifications. The problem is exacerbated by factors including the disparate tool sets involved, outdated technology that lacks the APIs to support automation and the time and advanced skill sets required to implement automated processes, the report concluded.
In addition to increased hiring, enterprises report that they will work to integrate security more deeply into aspects of their organization, indicating rising recognition of the risk that a cyberattack would pose to company operations. In addition, 68% initiated projects to integrate incident response into company-wide business continuity plans, 61% are integrating cybersecurity into infrastructure and DevOps decisions and 59% are incorporating IT security into broader business operations decisions to better combat cyberthreats.
Perhaps the best news is that all respondents said that their boards and executive leadership are more focused on the security of their organization than ever before. That increased attention is especially true since the revelations of the so-called SolarWinds attack and the incidents that followed, said Swick. “That news caught the attention of many executives,” he said.