Why investing in cybersecurity measures is more important than ever, despite challenging economic times
By Achi Lewis, Area VP EMEA, Absolute Software
At a time where cybercrime is on the rise with an increased attack surface in our work from anywhere world, as well as the heightened cyber threat from the Russian invasion of Ukraine, investing in cybersecurity is more important than ever.
With an economic downturn on the horizon, businesses will be looking to tighten budgets and make cuts where possible. Ensuring a strong cybersecurity posture is in place should be treated as essential when allocating where funds should be spent.
The UK Government’s Cyber Security Breaches Survey 2022 revealed that 82 per cent of UK business boards and senior management rank cybersecurity as a high priority, while the Security Priorities Study whitepaper shows that 90 per cent of respondents believe their organization is failing to appropriately address cyber risks.
Upskilling, automation, and outsourcing are all options that organizations can, and should, be deployed to create a resilient cybersecurity posture on a budget.
The need for upskilling and training
The digital skills gap is an ongoing problem and one that is being felt heavily throughout the technology industry. This problem extends to cybersecurity, however, the effects of this could be reduced if IT teams were to be upskilled with cyber training.
The 2022 Cybersecurity skills gap report from Fortinet found that 64 per cent of organizations worldwide have experienced some form of security breach, linking 80 per cent of those attacks to the cybersecurity skill gap. Furthermore, non-malicious user error has been cited as the top cause of security incidents. This highlights the gap in awareness and understanding around cyber-attacks by current employees and the need to improve education around threats, both for cybersecurity and non-cybersecurity staff.
Through regular training and upskilling, organizations will be able to equip their staff with the knowledge that will enable them to act effectively to protect against attacks, as well as understand what to do to recover once a successful attack does occur.
Additionally, there are many untapped pools of individuals that can be drawn on to plug the gap. For example, women are largely unrepresented in the technology world, with just 19 per cent of the tech industry being made up of females. Thinking outside the box when looking for talent is one-way organizations can extend the talent pools available to them, with no extra costs.
While training staff, finding talent, and eliminating human error is not an easy task, it is it a relatively small expense in comparison to the financial, time, and reputation costs of stolen data.
Why automated technology is the way forward
Training and upskilling current employees is one way to minimize cyber risk, but eradicating human error indefinitely is almost impossible without the right technology. Automation technology can strengthen and compliment the efforts of employees, and with only 45 per cent of companies currently using automated cybersecurity solutions to prevent and recover from attacks, the value is not being fully realized.
Resilient Zero Trust is one effective solution, monitoring an organization’s endpoint devices and applications for suspicious activity. If a device logs on from an unfamiliar location, or accesses a restricted application, an alert can be sent to a centralized IT team who have the power to freeze or shut off a device to prevent a potential breach. The goal with this technology is for employees to remain operational, rather than simply cutting them off at the first opportunity, whilst also helping to automate threat detection.
The number of Zero-Trust architectures deployed by businesses rose by 8 per cent between 2021 and 2022 as this technology offers a cost-effective way of bolstering cyber defenses.
Self-healing technologies can also strengthen an organization’s security portfolio, repairing and recovering compromised devices automatically, reducing the risk of reinfection and allowing businesses to continue using their existing enterprise devices.
Being appropriately prepared to respond to a security incident takes the number one spot when looking at key security priorities, and having automated technology in place that helps with response and recovery will allow organizations to comfortably work without the looming worry of a cyber-attack.
Outsourcing to service providers
Outsourcing is another low-cost solution businesses can utilize to improve their cybersecurity posture. With time and money an important factor, 83% of IT leaders that currently use an in-house security team are now considering outsourcing.
Delegating security tasks to skilled professionals outside your organization can compensate for a lack of accessible digital talent whilst still bolstering cyber defenses.
Outsourcing is a cost effective solution, which at a time when budgets are tight, is a huge incentive. Organizations will not need to worry about the training and salary of full-time staff, but instead outsource to services that are simply cheaper.
Cybersecurity must remain a priority and difficult economic conditions cannot be an excuse. With several low-cost approaches available to help improve cyber resilience, organizations should look to re-thinking their processes to capitalize upon the resources available to them.
By deploying a mixture of upskilling, automating, and outsourcing organizations will be able to build a strong cybersecurity portfolio to protect against incoming threats and help them to recover and respond to attacks effectively.
About the Author
Achi Lewis is the Area VP EMEA of Absolute Software. He is a veteran of the cybersecurity industry with decades of experience in enterprise security, overseeing Absolute’s go-to-market strategy in EMEA, establishing relationships with key customers and growing its partner network.
Achi can be reached online at @absolutecorp and at our company website https://www.absolute.com