Cybersecurity budgets are failing to keep pace with the rise in cyber threats, according to new research, which has found that half (50 percent) of IT decision-makers say their security budget won’t increase before at least 2021.
In contrast, just 18 percent of respondents expect their budget to increase by double-digits within the next two years, while a quarter only (28 percent) forecast single-digit growth.
The study, by ESET, the security solutions provider, questioned 100 IT decision-makers on their attitudes and future plans around cybersecurity. With previous studies showing that cyber-attacks are growing year-on-year and that security spending in the UK is already the lowest in Europe, the findings suggest that the budget that organisations are allocating to combatting cyber-crime does not match the risks they face.
When asked which security products they do plan to invest in over the next year, the most popular options are firewalls (65 percent), intrusion-prevention systems (59 percent), and web or content-filtering software (57 percent). Meanwhile, the most popular IT services investments are penetration testing (66 percent), security consultancy (55 percent), and compliance monitoring (50 percent).
Less popular amongst IT decision-makers, however, are emerging security products and services, suggesting that awareness or trust of these less-proven solutions is still lacking. IoT and operational technology security is the most likely investment amongst respondents (48 percent), followed by threat intelligence systems (46 percent), and machine learning or AI-based security (39 percent). Cyber insurance (30 percent), biometrics (23 percent), deception technology (16 percent), and blockchain (16 percent) are still yet to gain widespread interest.
ESET Channel Director David Mole said: “Cyber-attacks and data breaches are one of the biggest risks facing organisations today, yet too many in-house teams still aren’t taking the issue as seriously as they should,” commented , at . “Not only are cyber threats becoming more frequent, but with rising volumes of sensitive data being held by companies and higher fines introduced by GDPR, the risk and potential cost of a breach is higher than ever. Recent cases such as that of British Airways and Marriott International show clearly the damage that this combination of factors can inflict.
“Cybercriminals are highly sophisticated, and they will continue to innovate their methods to ensure they continue to break through organisations’ security defences. IT teams need to match this approach, by continuing to invest in the latest tech and services to keep their systems and data safe. Just because a solution has worked up until now, that doesn’t mean it will continue to be effective in the future, and channel partners have an important role to play in ensuring that their clients are aware of the emerging risks and how best to avoid falling victim.”