Posted 23 May 2020

70% of Organizations to Increase Cybersecurity Spending Following COVID-19 Pandemic

By Laurent Halimi

With the coronavirus crisis creating new opportunities for cybercriminals, 70 percent of organizations are seeing the value of increasing their investments in cybersecurity solutions.

According to a LearnBonds.com report, besides boosting their cybersecurity spending, the top IT priority this year, around 55 percent of major organizations will boost their investments in automation solutions, an HFS Research survey conducted in April revealed. Smart analytics, hybrid or multi-cloud and artificial intelligence follow, with 53 percent, 49 percent and 46 percent of those asked naming them as their leading IT investments this year.

The statistics show spending on augmented and virtual reality technology, blockchain and edge computing is under pressure this year, with just 32 percent, 30 percent and 27 percent of enterprises planning to increase their spending on these technologies in 2020. Though recent years have witnessed a surge in the use of artificial intelligence, helping businesses to improve their efficiency, quality and speed, statistics show artificial intelligence solutions are set to witness a massive drop in spending this year, with 23 percent of major enterprises planning to cut their investments in these technologies. Blockchain follows, with an 18 percent share among those asked downsizing their IT budgets.

However, the data revealed IT vendors are much more optimistic about their clients' spending on AI technology, with 59 percent of respondents expecting increased investments this year.

Jack Mannino, CEO at nVisium, says, “The challenge for many organizations is continuing to accomplish their security must-dos with significantly less resources. Relying on a pool of trusted security partners is critical, as niche skills or deep expertise may come from external sources when internal headcount is constrained. Historically, companies have increased their security outsourcing in periods where it’s hard to justify increasing or maintaining internal head count. It’s important for security providers to understand that their goal is to help an organization maintain security continuity during this period, not to replace their teams long term.” 

“I expect spending to be cautious over the next few months, yet, threats to businesses aren't going away,” says Rick Holland, CISO, Vice President of Strategy at Digital Shadows. “Budgets will have more scrutiny than ever before, however, a risk-based approach is still required. Non-essential spending should be pushed back, but it would be foolish to stop mitigating risks in the near term. Historically, cybersecurity is a sector where spending still occurs, even when the economy dips. There are risks to smaller and emerging firms, but sales revenue and the amount of capital raised provides resilience. To avoid going under, startups must have enough funds to cover operating expenses over the next few months to survive the COVID-19 storm.”

Steve Durbin, managing director of the Information Security Forum, cautions about organizations reducing their cyber workforce at a vulnerable time. “It is more likely that businesses will be exposed because they neither have in-house, nor external access to the necessary skills to deliver their business operations with a remote workforce. I don’t see a short term altering of spending, but clearly this will come for many organizations as the COVID-19 crisis continues. It would be extremely short-sighted for business leaders to reduce cybersecurity staff and budget at a time when the majority of the workforce is critically dependent on cyber to function.”

Fausto Oliveira, Principal Security Architect at Acceptto, agrees reducing cybersecurity and IT staff would affect the well-being of systems in place and the security of remote workers. “Losing cybersecurity and IT staff increases the risk of a successful attack during the COVID-19 pandemic and may impair the ability of a company to sustain the large volume of remote workers. MSSPs are certainly a good choice when the financial cost of the cybersecurity function exceeds what the company can afford. I imagine that if the current scenario of personnel working from home remains in place for the long-term, then we will see a surge in the usage of MSSPs to address security gaps and act as a virtual cybersecurity function.” 

Bob Stevens, Vice President, Americas at Lookout, warns the move to a remote workforce has changed the security attack surface for every organization. "Employees working from home are using their personal mobile devices to connect to home networks, which means traditional perimeter-based security tools no longer provide visibility or control for security teams. CISOs are adapting to provide endpoint security to all devices in this new normal, to enable teams and organizations to get back to business."

 

Mobile phishing has increased as malicious actors target what they see as unprotected mobile devices used by employees, adds Stevens. For example, as employees left the traditional office, Lookout saw a 37.1 percent jump in mobile phishing encounter rates, rising from 15.8 percent in 4Q2019, to 21.6 percent in 1Q2020, he says. 

"CISOs were focused on endpoint protection for traditional work devices like laptops. In a remote work world, cybersecurity tools must protect all devices employees connected to corporate cloud data - in particular mobile devices," he notes. For instance, Lookout saw a significant increase in use of mobile by employees: between January 15 and May 14, use of iOS devices increased 26.3 percent, highlighting a growing dependence on mobile devices as organizations work to remain productive, Stevens claims.

Jack Kudale, founder and CEO of Cowbell Cyber, however, doesn't believe that cybersecurity spending will be altered. “However, I anticipate that priorities will shift. To prevent protection gaps, in an ideal world, cybersecurity should evolve ahead of technology. The best we can do is to incessantly assess risk exposures, providing businesses visibility into risk areas and gaps in cyber insurance coverage. The longer the crisis goes on, the more likely significant changes will stick in the long run. COVID-19 is changing the way we engage with work. It is triggering a new wave of innovation and accelerating the deprecation of outdated technologies. Cybersecurity is highly likely to fall behind again, but cyber insurance will continue to grow as an effective alternative to mitigate loss.”

Mike Weber, Vice President at Coalfire, says the first lesson in cybersecurity 101 is that security as a bolt-on afterthought when rushing a solution to production tends to be an expensive proposition, or worse yet, an ineffective one. "Organizations that weren’t positioned to quickly pivot to an all-remote workforce or to solutions that promote business operations beyond their brick-and-mortar facilities have struggled to adapt to this ‘new normal’. Migrating systems from a ‘legacy’ on-prem solution to a highly available remote-access-friendly solution can be loaded with changes and nuance that are not immediately apparent. These can create security issues that could require expensive and time-consuming re-engineering to mitigate. Those organizations that had to scramble are likely coming up short on cybersecurity controls like monitoring and analytics, which could be part of the anticipated uptick in spending as reported on the survey."

What can organizations do to protect themselves against the next time they have high levels of risk thrust on them due to unique and unforeseen situations that have massive global physical, financial, and healthcare impact?  "Great question," says Weber, "and if you get that answer from somebody, please let me know. But seriously… I liken this to ransomware: Just like ransomware where if you don’t have robust backups BEFORE the attack, you’re not likely to be able to recover easily, thus the primary recommendation to avoid that is to fix your backup solution. Similarly, if you aren’t already accommodating a remote workforce and fully online environment, the recommendation is to build it out with careful operational and security consideration."

“The main advice I would give organizations right now is consolidation,” says Thomas Hatch, CTO and Co-Founder at SaltStack. “There are tools that can scan and fix, and tools that cover multiple security cases. It is very natural for companies to have many vendors with overlap. Evaluating how your vendors are being used can help you find those gaps where you can save spending costs.”