COVID-19 crisis shifts cybersecurity priorities and budgets

Поставщики технологий и услуг кибербезопасности меняют приоритеты на текущие потребности: непрерывность бизнеса, удаленная работа и планирование перехода к следующему нормальному режиму

McKinsey

Few corporate functions shifted priorities so much and so quickly when the COVID-19 crisis struck as corporate cybersecurity operations and the technology providers that support them did. As legions of employees suddenly found themselves in a work-from-home model, chief information-security officers (CISOs) adjusted, pivoting from working on routine tasks and toward long-term goals to establishing secure connections for newly minted remote workforces. CISOs also took steps to prevent new network threats that target remote workers and to bolster business-facing operations and e-commerce after a surge in online shopping during pandemic lockdowns.

The response to the crisis continues to press department budgets and limit resources for other, less essential functions—a situation that we believe will direct spending in fiscal year 2021, which many departments are beginning to plan for. According to new McKinsey research, overall spending should taper off from the sector’s recent rapid growth in industries that were hit hard by the COVID-19 crisis while holding steady in industries that have not been as affected.

The challenges that cybersecurity organizations face have spilled over to technology providers. Those companies have done their own pivots to keep up with customers’ shifting needs and to institute new ways of doing business. To succeed in the post-COVID-19 era, technology providers must rethink their strategies and offerings to accommodate a new security landscape. And they must continue to monitor customers’ needs and adjust sales, service, and training accordingly.

COVID-19 crisis’s impact on cybersecurity spending

CISOs responded to the pandemic by quickly instituting measures to maintain business continuity and protect against new cyberthreats. To manage continuity, they have been patching remote systems over virtual private networks (VPNs) that have strained under increased loads. They have been monitoring spiking threat levels, including a near-sevenfold increase in spear-phishing attacks, since the pandemic began. Remote workers are also being bombarded with attacks based on COVID-19-crisis themes that are taking advantage of delayed updates to email and web filters, and using social engineering to prey on workforce concerns.

Many CISOs’ fiscal 2020 budgets had already been allocated before the pandemic, so to cover the cost of addressing the crisis, they had to put other projects on hold. According to our research, which covers more than 250 global CISOs and security professionals, the crisis-inspired security measures will remain top budget priorities in the third and fourth quarters of 2020.

More than 70 percent of security executives also believe that their budgets for fiscal year 2021 will shrink, according to the survey. As a result, supporting new tactics to safeguard organizations is expected to limit outlays for such things as compliance, governance, and risk tools. For corporate security-operations centers, the cost of securing the fundamentals could reduce budgets for more advanced threat-intelligence upgrades, behavioral analytics, and other tooling.

In our client work, we have seen those priorities play out in many ways, including the following:

  • A software company rerouted resources that had been designated for a security-automation project to cover gaps in multifactor authentication (MFA).
  • A consumer-packaged-goods company postponed holding cybersecurity “war games” and diverted the resources to accelerate the rollout of a VPN.
  • A financial-services company postponed “red team” exercises to close vulnerabilities in remote-work applications.
  • In the next 12 months, spending will vary by industry (exhibit). For financial-services and insurance industries, for example, we expect to see budget increases for specific segments, such as security controls for the cloudbased business functions that more of those companies are adopting.

Читать далее


Публикации по теме:

Гасан Гусейнов: политическая культура современной России в зеркале ее языка
Как язык отражает политическую культуру государства? На вопрос отвечает визитинг-профессор Свободного университета в Берлине Гасан Гусейнов

Будьте в курсе,
подпишитесь на нашу рассылку

E-mail: info@eedialog.org

Все материалы сайта доступны по лицензии: Creative Commons Attribution 4.0
© 2019 Европейский диалог
escort eskişehir escort samsun escort gebze escort sakarya escort edirne