CISOs Expect Stable IT Security Budgets in 2023
Cybersecurity budgets are on the rise despite continued economic uncertainty as CISOs and IT decision-makers (ITDMs) report increased confidence in their cybersecurity systems, especially as it relates to end-user compliance.
These were among the findings of a Nupsire survey of 200 CISOs and ITDMs, which also revealed respondents are increasingly concerned with software applications and email and collaboration tools as security challenges.
Consistent with last year’s study, CISOs/ITDMs’ greatest challenges include adapting to the rapid rate of change within the cybersecurity landscape, with six in 10 respondents believing their companies are “somewhat vulnerable” or “extremely vulnerable” to attack.
Within digital environments, cloud applications were identified by 40% as the most susceptible to attack, followed by email/collaboration tools at 40%, software applications at 40% and cloud infrastructure at 38%.
George Jones, CISO at Critical Start, said the primary factors driving costs in 2023 are increasing cybersecurity threats, increasingly stringent regulatory compliance and the continued emergence of digital transformation initiatives.
“The rise in sophisticated cyberattacks and evolving threat landscape, combined with an expanding attack surface, necessitates the adoption of advanced security solutions,” he said. “Customers expect organizations to meet ever-increasing data protection and privacy requirements, such as GDPR and CCPA.”
Meanwhile, the shift to cloud, IoT and other emerging technologies creates new security challenges that often demand investment in more robust cybersecurity measures, while compliance with data privacy and protection rules requires investment in cybersecurity solutions.
Jones said he agrees with the survey findings indicating many CISOs are reporting increased confidence in their cybersecurity posture.
“The perceived effectiveness of implemented security measures and the organization’s security posture directly impact confidence levels,” he explained. “It is also important to note that cybersecurity is an ongoing and evolutionary challenge, and it is crucial to maintain a proactive and continuous improvement model to stay ahead of emerging threats.”
John Bambenek, principal threat hunter at Netenrich, said organizations should focus on getting all the log telemetry they can from their cloud, SaaS and collaboration tools.
“Without that visibility, you can’t know your data has been taken,” he said. “Once that data is in hand, it becomes possible to do new forms of analytics and detection engineering to get control of those unknowns.”
From his perspective, SaaS and email/collaboration tools remain soft spots without much in the way of protection.
“Endpoints are still a concern, but the EDR offerings are mature, which means attackers are shifting,” he added. “CISOs know they’ll be attacked where they are weak, and often organizations respond with ‘I don’t know’ when asked what threats they see in SaaS or collaboration tools.
He pointed out that organizations are willing to spend, but he is seeing people getting rid of shelfware or even not renewing existing contracts because those vendors aren’t proving they are worth the money.
“CISO purchasing trends are being driven by the shift in our tech stack, accelerated by the pandemic, which has created areas with lower security visibility,” he said. “It is that unknown which is driving some new purchasing trends in getting visibility and control of the new risks that were created.”
Darren Guccione, CEO and co-founder at Keeper Security, said the skyrocketing number of endpoints has made it increasingly difficult for IT and security professionals to keep up with emerging threats and vulnerabilities.
“CISOs are finding it increasingly difficult to gain comprehensive visibility, security, compliance and control; to protect every employee, on every device, from every location,” he explained. “In the cloud, all it can take is one click for a threat actor to gain access to an entire organization if data is not properly protected and secured.”
He said the expanding attack surface is particularly concerning, with cyberattacks on the rise and IT security teams competing for talent as macroeconomic conditions are tightening budgets.
“The traditional IT perimeter has vaporized, dramatically increasing the attack surface,” Guccione noted.
Meanwhile, mass migration to distributed remote work environments has radically increased the number of endpoints and the number of remote locations like home offices.
This has resulted in an explosion in the sheer number of websites, applications and systems that require identity verification, access and full end-to-end encryption.
“Data shows the human element is far more difficult to protect and, often, the most error-prone element of the attack chain,” Guccione said. “Organizations should focus on implementing modern, elegant and pervasive cybersecurity solutions that seamlessly integrate with identity solutions in order to provide enterprise-wide visibility, security, reporting and control.”
