Pandemic and SolarWinds highlight flaws in cybersecurity
A survey of 300 security leaders in the US by Scale Venture Partners shows 94 percent say that C-level executives have a better understanding of cybersecurity risks than a year ago.
This is probably due to the twin impacts of the pandemic and the SolarWinds attack. Half say they will increase security budgets to address the impact of SolarWinds, while 40 percent have increased their cyber headcount during the pandemic.
The shift to remote working has thrown up issues with 66 percent saying that the lack of adequate security on home devices has been their top security challenge. More than half (52 percent) of respondents say cybersecurity incidents involving attacks on compromised data, devices, systems, or networks have increased, and 36 percent attribute the majority of those attacks to employees working from home.
In terms of investment priorities, security automation has risen steadily in the last two years, climbing from eighth place in 2018 to sixth in this year's report. Cloud infrastructure tops the list of technologies getting the most investment, while 51 percent of respondents say they've created an in-house cybersecurity solution in the past 12 months, with 23 percent saying they have built security automation technology.
SolarWinds kick-started a trend to securing the enterprise against third-party solutions providers, with 36 percent of respondents saying they expect third-party risks to rise over the next 12 months. 47 percent of respondents say third-party risks are a top factor affecting the C-suite's understanding of the business impact of security.
Security focus is also changing post-pandemic, with 57 percent of respondents seeing increased integration of security with other teams, like IT, operations and software development in the last twelve months.
The report's authors conclude, "The coming year will no doubt bring new challenges for CISOs and additional opportunities for security startups as the perennial cat-and-mouse game between defenders and attackers advances. We can only hope organizations will have come out of 2020 more resilient and prepared for the next threats."
Find out more on the ScaleVP blog.