The majority (78%) of senior IT and security leaders believe their organization lacks sufficient protection against cyberattacks, leading 91% of organizations to boost cybersecurity budgets this year, according to an Insight survey of 213 executives.
Leaders have the most trust in their organization's data management strategy; 45% of respondents said they were confident in data management security. Only 32% were confident in their company's security roadmap, 30% were confident in their security-related technology and tools, and 27% were confident in their internal teams and skill sets.
After rushed digital transformation in 2020, cybersecurity teams are using the budget boost to clean up security. "Organizations made strides to address gaps and integrate cybersecurity into business, operational and IT infrastructure decisions, but there is still an enormous amount of work to be done," said Shawn O’Grady, SVP and general manager of Cloud + Data Center Transformation at Insight.
In response to the pandemic, businesses shifted cybersecurity priorities to respond to immediate challenges, according to the survey. On average, organizations accelerated five to six initiatives to protect the newly distributed IT environment, while long range projects fell behind.
A majority of respondents pursued threat visibility/identification, incident response, network security, endpoint security, application security, malware protection and identity and access management efforts. Few organizations executed identity governance, zero trust, data analytics, AI/ML and SASE implementations last year, the survey states.
"Hackers don't rest during a pandemic so security is something that should never be an afterthought," Thomas Phelps, SVP of corporate strategy and CIO at Laserfiche, said Tuesday at Laserfiche Empower 2021. "It's something that organizations regardless of size should constantly be investing in."
Laserfiche invested in a zero trust model to help ensure that endpoints are protected no matter where a user takes a device and implemented anti-phishing training to account for the human element of cybersecurity during the pandemic, according to Phelps.
All respondents (100%) to the Insight survey said their boards and executive teams are more focused on the organization's security posture than in years past, taking some burden off of security professionals to strategically communicate the need for cybersecurity investments to higher-ups.
Organizations listed cybersecurity as a top spend area in Gartner's 2020 CIO survey, as both a reaction to pandemic-era security concerns and to catch up from underinvesting. Even in a worst case scenario, global spend on cybersecurity is set to grow 6.6% year over year, reflecting the prioritization of security efforts across sectors.