CISOs look for flexibility to manage new security challenges
A new survey of UK CISOs by cybersecurity company F-Secure looks at how IT decision makers are adapting to a fast changing landscape.
With more people working remotely budgets are being moved around to allow businesses to cope with new ways of working and the resulting security vulnerabilities, and 13 percent of respondents say that budgets are going to increase as a direct response to the challenges presented by the pandemic.
More than a third of respondents say that budgets are set to increase by between six and 10 percent in the next year. But businesses are looking for flexibility too, with 72 percent wanting to pay monthly rather than annually, and a quarter looking for flexible contracts.
"People have been investing in technologies for some time now," says Dean Porter, channel manager at F-Secure. "I think that spend goes more into trying to consolidate and create a really robust security posture. Where the threat landscape is evolving some of those technologies are moving away from endpoint security into EDR spaces and looking at enhancing security features."
A majority of businesses still choose to manage most of their security solutions in-house. However, for smaller companies (those with between 25 and 199 staff) the option of employing full time, in-house security specialists is often out of reach. In most cases these companies will choose the support of a managed security service. Only 38 percent of the smallest businesses have dedicated cyber security personnel, compared to 59 percent of the largest. In UK businesses where an IT service provider or reseller is used, 81 percent view them as a key or strategic partner.
"The skills shortage and turnover of staff makes it a challenge to retain highly skilled staff, over a long period of time," adds Porter. "In an industry where there's a lot of opportunities and increasing salaries, having that turnover or having to retrain staff, or having to rebuild technology- based skill sets can be avoided with trusted partners and service providers, such as a team with great skill sets and the understanding and expertise in the areas where it matters."
When asked about their priorities for the next 12 months preventing data breaches (28 percent) and malware or phishing attacks (26 percent) are the top concerns. The most effective way to do this is seen as Endpoint Detection and Response (EDR) with more than half of respondents (54 percent) viewing EDR as a purchasing priority.
You can read more on the F-Secure blog.
Image credit: Wavebreakmedia / depositphotos.com