Business Cyber Security Spending In 2021

Uploaded on 2020-12-17 in TECHNOLOGY--Resilience, NEWS-Cybersecurity News, FREE TO VIEW

Organisations today are fending off cyber risks of all types, from malware to social engineering and malicious insiders. The onset of Coronavirus, which has pushed many employees out of the office to work remotely, has also resulted in a boom in hostile digital equivalents. Furthermore, the lockdown for Covid-19 has seen companies become more reliant on decentralised digital operation systems than ever before, something many do not have the talent and other resources for. Many are more exposed to cyber attacks than ever before. 

Experts are unanimous that organisations are likely to be targeted by hackers as they seek to exploit the chaos of the on-going crisis. Yet according to a new study from PWC, more than one-fifth of British organisations are planning to downsize their cyber team in the coming 12 months.

Amid the increasing sophistication of cyber criminals, and the rapid shift to digital technologies brought about by the Coronavirus, PWC has launched its latest insights into what’s changing and what’s next in cyber security. 

Based on a survey of 3,249 business and technology executives from around the world, including 265 in the UK, IoT and cloud service providers top the list of ‘very likely’ threat vectors in the coming 12 months were mentioned by 33%, while cyber attacks on cloud services were found to be the most likely threats to have a significantly negative impact, as noted by 24% of those polled.

UK respondents were even more pessimistic on the situation, with 58% citing an attack on cloud services, followed by a disruption-ware attack on critical business services at 52%, and a ransomware attack at 50%. 

Around 40% of executives in the global survey planned to increase resilience testing to ensure that, if a disruptive cyber event occurs, their critical business functions will stay up and running, but 96% of UK respondents said that they will shift their cyber security strategy due to Covid-19.

Overall, cyber security budgets are increasing in 2021, with 55% of those polled said they were increasing their spending in the area in 2021, even as 64% of executives expect business revenues to decline and if that forecast is accurate and the economic conditions don't recover, a cyber breach could be the death of many firms.

Such is the dire situation at many firms that more than 25% of respondents will be downsizing their spending, leaving cyber teams to do more with less. A further 13% will have to make do with static budgets.

In the UK,  PwC found that the majority of organisations lack confidence in their cyber spend, indicating that there could be trouble ahead for cyber teams when cost cutting programmes are needed. Just 36% of UK respondents are very confident they are getting the best return on their cyber spend versus 42% globally, and while a higher than average 56% of UK respondents are planning to increase their cyber budgets in 2021, this might well fall depending on just how bad things get for the British economy in its first year outside of the European Union.

The increased overall spending on cybersecurity includes ramped up recruitment for personnel over the coming year. According to PwC, 51% of executives plan to add full-time cyber security personnel over the next year. 

Globally, top roles which will be in demand relate to cloud solutions, which as mentioned is a major area of concern at present, at 43%, security intelligence at 40%, and data analysis at 37%. UK respondents seem much more reserved when it comes to hiring. Just 42% of UK respondents said they plan to increase their headcount, and 22% of UK organisations are actually planning to decrease the size of their cyber security team, compared to 16% globally.

Cyber security has been a growing  priority for businesses and many of them have moved fast to ensure they have strong protections in place. Multi-factor-authentication has become the norm across businesses of all sizes, many companies have started offering security awareness training and the rise of AI systems will have enabled some companies to autonomously defend workforces.

Gartner estimates that worldwide security spending grew 10.5% in 2019, compared to 0.4% growth in IT spending overall.

Most businesses had already identified holes in their practices, leading some to be more diligent in response to cyber security threats. Commenting on the survey Richard Horne, Cyber Security Chair, PwC said, “It's surprising that so many organisations lack confidence in their cyber security spend. It shows businesses need to improve their understanding of cyber threats and the vulnerabilities they exploit, while changing the way they think about cyber risk so, it becomes an intrinsic part of every business decision.” 

As cyber criminals find a new opportunity for attack with remote workers and improperly secured connections and technologies. Together, these trends have created a more vulnerable environment affecting the cyber security of many organisations. 

No organisation can be totally protected from cyber attacks and  it is therefore  vital that they each build an effective cyber security strategy and an implemented tactical plan that are continually up-dated and effectively used. 

PWC:      ITPro:       Techrepublic:     Computing:        Consultancy UK:     Consultancy UK:     Infosec Institute:

Please contact Cyber Security Intelligence for more information and recommendations on effective training for cyber security.

You Might Also Read:

Critical Cyber Security Threats & Solutions For Business:

 

« Europol Warning Of The Growing AI Cyber Threat
Russian Hackers Have Stolen US Secrets »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

iTrinegy

iTrinegy

iTrinegy is a world leader in Application Risk Management offering solutions to mitigate all networked application deployment risks

AA Certification (AAC)

AA Certification (AAC)

AAC provide ISO Quality Management System certification services including ISO 27001.

Cyber Security For Critical Assets (CS4CA)

Cyber Security For Critical Assets (CS4CA)

Cyber Security For Critical Assets is a global series of summits focusing on cyber security for critical infrastructure.

IoT Now

IoT Now

IoT Now explores the evolving opportunities and challenges facing CSPs, and we pass on some lessons learned from those who have taken the first steps in next gen IoT services.

Blue Ridge Networks

Blue Ridge Networks

Blue Ridge offers a suite of solutions that enable secure remote access to the enterprise network with protection and control of endpoints.

Riscure

Riscure

Riscure is a global test lab and tools leader for device security. Core expertise in side channel analysis, fault injection and embedded device software.

Enterprise Ethereum Alliance (EEA)

Enterprise Ethereum Alliance (EEA)

EEA is a member-led industry organization whose objective is to drive the use of Ethereum blockchain technology as an open-standard to empower ALL enterprises.

Right-Hand Cybersecurity

Right-Hand Cybersecurity

Right-Hand Cybersecurity empowers businesses to monitor, measure and mitigate employee induced cyber risks in real-time.

DataFleets

DataFleets

DataFleets is a privacy-preserving data engine that unifies distributed data for rapid access, agile analytics, and automated compliance.

CyberPeace Foundation

CyberPeace Foundation

CPF is a think tank of cybersecurity and policy experts with the vision of pioneering Cyber Peace Initiatives to build collective resiliency against CyberCrimes and global threats of cyber warfare.

Cool Waters Cyber

Cool Waters Cyber

Cool Waters Cyber manage cyber security governance, risk and compliance.

Amplix

Amplix

In the race to create value for your enterprise, Amplix is your best asset for making technology decisions and optimizing your IT infrastructure, cloud usage, and security posture.

Acumen

Acumen

Acumen's cyber security engineers protect your critical systems, in critical moments. We are here when you need us most.

TraitWare

TraitWare

The TraitWare mission is to increase user and company security while simplifying access to digital and physical resources through the elimination of the need for usernames and passwords.

Linx Security

Linx Security

The Linx Identity Security platform enables identity, security, and IT ops teams to finally control the whole identity lifecycle.

SafeAeon

SafeAeon

SafeAeon is a leading Cybersecurity-as-a-Service provider, offering 24x7 premium Managed Security Services with AI-powered and Human-driven 24x7 SOC.