Enterprise Digital Security Management in 2021: Challenges, Plans, Budgets
By: Arti Loftus
Originally published on TechZone 360
A recent Spiceworks Ziff Davis study showed that the global COVID-19 pandemic has been and will continue to be a catalyst for change, driving enterprises, and even small and medium businesses to continue to invest in technology to support and secure a remote workforce, despite slowing corporate growth.
The study surveyed 1,000 businesses and found that 76% plan on long-term IT changes due to COVID-19, and 44% plan to accelerate digital transformation plans.
However, with organizations looking to cut back on expenses, tech budget growth has slowed compared to last year. Among businesses taking part in the study, 33% plan to increase their IT budgets in 2021, compared to 44% in the prior year, while 17% of companies expect IT budgets to decline in 2021.
Replacing aging IT infrastructure and growing security concerns are among the biggest areas spend, and with more than half of businesses planning to retain flexible work policies permanently, the “remote work revolution” Identity and Access Management technologies, including Privileged Access Management and Privileged Task Automation, are among the most popular applications for investment.
According to the survey, the following factors will influence budget growth next year: Increased priority on IT projects (45%), changes to business operations during COVID-19 (38%), and the need to support a remote workforce (36%).
“During the rush to remote work caused by the pandemic, it quickly became clear that technology is the glue that keeps businesses and employees connected,” said Peter Tsai, senior technology analyst at Spiceworks Ziff Davis. “With more people working remotely than ever before and face-to-face meetings out of the question, organizations wouldn’t have been able to maintain business continuity or keep productivity levels high without the many technologies companies rely on… including laptops, video conferencing, VPN, chat apps, internet connectivity, and more.”
As working remotely becomes the new normal, IT needs will shift, the company stated in their press release. “As in previous years, hardware will still account for the biggest portion of IT budgets in 2021. But as a percentage of total IT budgets, anticipated spending in this category has dropped significantly in the last two years — from 35% in 2019 to 31% in 2021 — as businesses increase cloud and managed services spending.”
We caught up with Orhan Yildirim, CTO of Ironsphere, a New Jersey-based access control software company supporting many global telecom service providers and large enterprises, to get his take and to learn what they have been hearing from their clients.
“There has never been a more important time for Security Management teams to step up more comprehensive measures to address risks, as we continue to work hard to protect and grow businesses in a challenging economic environment,” Yildirim said. “We work with many large, global banks, for example, and in every country or region, the regulations differ. But what is common is the heightened recognition of the grave risks associated with leaving systems, data, and information and productivity applications unsecured. What is different now, compared to a year ago, is the new level of concern and often chaos, which is why automation of access management is so vital.”
Yildirim went on to explain that most successful attacks—even by external attackers—exploit valid credentials that have been stolen or compromised in some way. “This is why a modern and flexible Privileged Access Management (PAM) solution is crucial. PAM is different from Identity and Access Management, and top CISOs are now seeing with a new sense of urgency the inherent value, involving the mitigation of risks, including reputational damage and fines which are completely avoidable.”
When it comes to automation, Yildirim said, “Much of the effort involved in managing privileged access is granting and revoking access on an as-needed basis, something that can be done with the right software and dramatically reduce the burden on IT administrators. “We are helping our clients improve their overall security posture when privileged access can also be automatically revoked when the need no longer exists.”
As Attacks on Infrastructure Continue to Intensify, Cyber Security Leaders Call for Further Investment
This past week Colonial Pipeline company, which operates a pipeline that carries gasoline, diesel fuel, and natural gas along a 5,500-mile path from Texas to New Jersey, was forced to take itself offline after being attacked by a criminal cyber gang. The Colonial Pipeline, which carries 2.5 million barrels a day, nearly 50% of the East Coast supply of diesel, gasoline, and jet fuel, is still working to restore service and gain access to its systems after the malicious cyberattack while its four mainlines remain offline.
As Infrastructure Week Begins in the US, A Massive Ransomware Attack Drives the US Government to Enact Emergency Legislation
The US government issued emergency legislation earlier this week after the largest fuel pipeline in the US was hit by a ransomware cyberattack.
Buy it Wholesale, Sell it Retail: How MSPs and MSSPs can Benefit from Multitenancy Cyber Security Solutions
Managed Service Providers (MSPs) and Managed Security Service Provider (MSSPs) have a stressful job. They must provide cybersecurity solutions to their clients, protecting them from a broad and growing range of threats, and ensure their customers’ networks, equipment, data, systems, people, and reputations are insulated from malicious forces.