Home » Insights » 360 Security

Post-Pandemic Cybersecurity Business Investments

COVID-19 brought with it an overnight shift to remote working, spawning an acceleration of digital transformation initiatives. These initiatives have resulted in post-pandemic cybersecurity investments to enable companies to deploy new IT capabilities and solutions.  

As the pandemic forced companies to accelerate their digital initiatives, projects were fast-tracked, potentially resulting in poor cybersecurity or direct violations of security policies. 

Cybercriminals, who are always ready to exploit any gap or weakness that may arise, took full advantage and launched a full-scale global strike. This attack is continuing today and will keep spreading, as well as mutating, much like any virus.  

In a recent global Microsoft survey of 800 business decision-makers at companies of over 500 employees, 58% increased their security budgets, 82% plan on adding security resources and 81% are under pressure to lower security spending. 

Many IT executives are therefore under intense scrutiny for past and current cybersecurity budgets. 

This begs the question, are cybersecurity approaches failing? On the back of a February 2020 Gartner report, cybersecurity is showing slowing budget growth through to 2023, with business and IT at loggerheads. 

Business executives are pushing back, not asking the right questions about cybersecurity, and making poor investment decisions resulting in a lack of critical cybersecurity controls.  Failing approaches to cybersecurity need to be addressed to improve the effectiveness of IT security, and IT executives need to shape the conversation at a business level. 

Flawed Approaches to Cybersecurity Investments

The Perception that Cybersecurity is only a Technical Problem

At a societal and business level there is a lack of understanding about the realities of cybersecurity and what is achievable because the perception is that cybersecurity is something the “techies must fix”. 

Focusing on the Wrong Cybersecurity Questions

When business decision-makers focus on the wrong questions it results in making the wrong cybersecurity investment decisions. 

For example, asking the question, “how much should I spend on cybersecurity and what are others spending?” has two limitations: spend does not reflect the level of protection you need, and what others spend is not comparative to what you need. 

Another question, “How can I comply with X?” limits the focus to compliance and not on the appropriate levels of protection. 

These types of questions lead to an approved cybersecurity investment budget which can provide a ‘false sense of security’ that the business is protected. 

Challenges With Cybersecurity Investment Approaches

New approaches and cybersecurity investments are poorly executed resulting in delays. 

Gartner highlights the common approaches that lead to the failure of cybersecurity investments including: 

  • Money on its own does not solve the cybersecurity investment problem. 
  • CISOs believe that cybersecurity risk rests with the business executive when in fact an open checkbook for cybersecurity puts the responsibility and risk on the CISO. 
  • Lack of a clearly defined risk appetite profile for the business to guide cybersecurity investments.
  • Quantification of security risks inflating expectations. 

These cybersecurity investment failures have led to a disconnect between business decision-making and cybersecurity which must be addressed now more than ever before: cybersecurity has to be addressed in a business context, as a business decision. 

As a company’s dependency on technology increases, CISOs and Business Executives must join forces to understand the focus and priorities related to the business outcomes. 

  • Critical Cybersecurity Controls are expected to be 100% effective 100% of the time, which often results in the business, the IT department, and society having mismatched expectations. 

In addition, legislation too has led to poor cybersecurity investment decisions based on checking boxes versus adequately investing in what is required.

Total security protection is an almost impossible goal to achieve – it is not about if, but when a company will be breached.  

This distinction is clearly outlined by the requirements of GDPR where the severity of fines is linked to CARE (Consistent, Adequate, Reasonable and Effective) cybersecurity controls.  

What is the Care Standard for Cybersecurity Controls? 

Actual security failures are not receiving enough attention versus a focus on compliance.

With the CARE standard for cybersecurity, there is an expectation that organizations will be hacked. 

By considering the CARE approach a business can better understand how much security it actually needs. 

Consistent: Do the cybersecurity controls work the same way over time? 

Adequate: Does the business have satisfactory and acceptable controls in line with business needs? 

Reasonable: Does the business have appropriate, fair, and moderate controls? 

Effective: Do the controls successfully produce the intended results? 

According to Gartner, by using such an approach one can strike a balance between “protection and running the business. It also embodies the incentive to build a better security capability that delivers better outcomes, not just spend more money on security”.  

Top Cybersecurity Investments Since the Beginning of the Pandemic 

The pandemic has changed cybersecurity investments as organizations seek out ways to: 

  • ensure productivity while securing remote working; 
  • deploy Zero Trust capabilities; 
  • purchase threat intelligence tools to proactively detect threats; 
  • regularly evaluate cyber resilience and risk; 
  • secure the cloud and drive down costs by seeking out integrated solutions.  

If your organization has been challenged by cybersecurity since COVID-19 and needs to balance cost with the most effective cybersecurity solution, connect with one of our experts today.

ENHALO’s Best Practice Cybersecurity Solutions

  1. One solution for Continuous Breach Detection Service (CBDS) with real-time threat intelligence, anti-phishing monitoring, reputation profiling, espionage threat maps, and instant alerting. 
  2. Continuous Clone Detection Service (CCDS) for cybersecurity controls against site cloning, IP, and copyright infringements. 
  3. User & Entity Behaviour Analytics (UEBA) providing alerts to suspicious behavior or deviations from normal user patterns indicating a potential threat.
  4. Cyber Threat Hunting to proactively seek out threats, provide and quickly neutralize cyber threats.  
  5. Digital Forensics and Incident Response to re-create the attack, find out how it occurred, and mitigate any future risks. 
  6. Security Information & Event Management (SIEM) to monitor network behavior, Security Orchestration, Automation and Response (SOAR) to act and respond to the threat. 
  7. SNOC for advanced network monitoring and security detection without investing in the expense to do it in-house. 

Disclaimer Insights and press releases are provided for historical purposes only. The information contained in each is accurate only as of the date material was originally published.

More Insights