NetworkTigers discusses cybersecurity priorities in 2023.
The most recent Foundry study has been released offering up a clearer picture of the field as it stands at the start of 2023. The 2022 study surveys some of the top cybersecurity officials worldwide to illustrate and explore some of the main concerns, issues, and progress observed by a variety of businesses in the realm of cybersecurity.
Some of the top issues highlighted by the study illustrate that data security is finally beginning to be recognized as the cornerstone of business success that it is in today’s day and age. Some, however, point to worrying trends as businesses continue to overlook must-needed data security upgrades and developments.
Key takeaways from the 2022 Foundry study
Foundry’s Security Priorities Study 2022 consulted with 872 security industry leaders. Of the respondents, 55% were located in North America, 18% Europe, the Middle East, and Africa (EMEA respondents), and 27% were located in the Asia Pacific region (APAC respondents).
In many ways, cybersecurity leaders believe their industry is finally valued and understood as a major factor in creating a more stable and lasting business model. Gone are the days when IT and tech support were seen as optional or an area to cut corners. Instead, the results from this year’s study report that 82% of top IT cybersecurity executives regularly engage with the board. Respondents from all areas responded that they meet with the board of their respective companies at least once a quarter and up to multiple times a month. This helps illustrate the amount of respect and attention cybersecurity has gained in recent years from business leaders in general.
This renewed focus is likely partly a result of several high-profile hackings, such as SolarWinds and other notable data breaches. With the average cost of a cybersecurity incident expected to land at $8 trillion globally in 2023, it is no surprise that businesses worldwide are dedicating more face time to top IT cybersecurity professionals.
On the other hand, a whopping 90% of security leaders also believe that one of the main issues they face is convincing every area of their respective organization to take cybersecurity seriously, and invest the attention and resources necessary to combat evolving threats. This 90% believes their organization is not properly addressing cyber risk, despite their efforts.
The following are the top three priorities of cybersecurity professionals in order to help their organizations understand the true cost of cybercrime:
- Increasing preparedness to respond to possible future security incidents
- Upgrading IT and data security
- Improving security awareness among end-users
Emerging trends in cybersecurity 2023
The main trend continues to be a significant allocation of overall IT spending on security. An average of $65 million is allocated per annum towards security but varies greatly depending on the size of the organization in question. For larger enterprises, data security spending reaches $122 million on average. For small businesses, the number tops out at $16 million. This, however, represents a significant increase from 2020’s average small business IT security budget of just $5.5 million. In just two years’ time, the amount dedicated towards security has more than tripled for the average small business worldwide.
Some of the top investments in security are:
- SOAR (34%)
- Zero Trust technologies (32%)
- SASE (32%)
- Deception technologies (30%)
- Ransomware brokers (30%)
Another evolving trend in the field of corporate risk protection is cyber insurance. Most businesses report now holding cyber insurance policies and rating them favorably. Respondents’ average response rates their insurance policy at a 7.9 on a scale of 1-10, 10 being most satisfied.
The most common concern in cybersecurity 2022
Most cybersecurity professionals could easily predict the answer to the following trend. When asked if they were aware of what caused security incidents in their organization over the course of the covered year, 87% said that they did know exactly where the risks had originated from. Additionally, the majority report that the risks originated with non-malicious user errors.
This statistic illustrates a common theme in cybersecurity. One of the biggest risks to an organization’s data security is the employees who work there. At times, the risk may be due to a disgruntled ex-employee, but all too often it comes from the average user who either does not know how to or does not care to protect their own data access points.
User error is commonly cited as one of the top issues that security professionals face. According to a separate IBM Cyber Security Intelligence Index Report from 2022, 95% of all data breaches are due to human error.
To address this concern, security experts report that employee awareness and training issues are towards the top of reported redirects that require time from their day. The issue is closely followed by unanticipated business risks, which pull attention 25% of the time, as well as meeting the demands of regulatory compliance, which leads the pack at 28%.