Cybersecurity is in the news almost daily, and investment in cybersecurity, by established corporations or venture capital, is rising. The stature and business significance of cybersecurity operations continues to rise, becoming a strategic management issue in every organisation. A skills shortage continues to impede organizations from putting a successful cyber defense strategy in place, and this is driving most organizations to increasingly look for outside help by entering into consulting and managed security services contracts.
Rapid Increase in the Investment in Cybersecurity
- According to Gartner, worldwide spending on cybersecurity increased by 7% as compared to last year and will reach $86.4 billion in 2017.
- Spending on both cybersecurity services and products is expected to keep growing into 2018, reaching $93 billion by the end of the year.
- An Enterprise Strategy Group (ESG) survey found that for 39% of organizations, improving cybersecurity is the most important business initiative driving IT spending in 2017, and that 69% of organizations are increasing their cybersecurity budgets this year alone.
- 81% of cybersecurity professionals agree that improving security analytics and operations is a high priority at their organizations.
- Cybersecurity startup funding hit an all-time quarterly high in terms of number of deals in the first quarter of 2017, up 26% from the previous quarterly high. The trend held through the second quarter, which saw just one fewer deal (145 total) compared to the previous quarter.
- The amount of disclosed equity funding to cybersecurity companies has also recently broken records, reaching an all-time quarterly high of $1.6 billion in the second quarter of 2017, according to CB Insights.
Organizations today generally think of cyber-risk as internal network penetration and defense. But there is now a shift towards developing a more comprehensive risk management strategy that includes all digital assets, such as websites, social networks, partner exposure, branding and reputation management, and compliance.
Says ESG: “Comprehensive Risk Management Strategy is a more holistic digital risk strategy designed to analyze threat intelligence, monitor deep web activities, track the posting of sensitive data, and oversee third parties and partners.”
With the transformation of cybersecurity into comprehensive risk management, Gartner predicts that by 2020, 100% of large enterprises will be asked to report to their board of directors on cybersecurity and technology risk at least annually, which is an increase from today's 40%.
The key in presenting to the board, says Gartner, is to connect the cybersecurity program goals to business risks. An example would be a discussion of implementing a process for managing third-party risk to support a business's cloud strategy.
Cybersecurity skills shortage, a problem needing attention
There are currently more than 348,000 open security positions, according to CyberSeek. By 2022, there will be 1.8 million unfilled positions, according to the Center for Cyber Safety and Education. The industry needs, and will continue to need, new kinds of skills as cybersecurity evolves in areas such as data classes and data governance, says Gartner.
According to the ESG survey, things aren’t improving at all. Some survey results:
In 2016, 46% of organizations reported a problematic shortage of cybersecurity skills. In 2017, the research is statistically the same as last year; 45% of organizations say they have a problematic shortage of cybersecurity skills.
According to 2016 research conducted by ESG and the Information Systems Security Association (ISSA), 33% of respondents said that their biggest shortage of cybersecurity skills was in security analysis and investigations. Security analysis and investigations represented the highest shortage of all security skill sets.
Recent ESG research reveals that 54% of survey respondents believe that their cybersecurity analytics and operations skill levels are inappropriate, while 57% of survey respondents believe that their cybersecurity analytics and operations staff size is inappropriate.
The ramifications of skills and staff deficiencies are also apparent in the research. Cybersecurity operations staffs are particularly weak at things like threat hunting, assessing and prioritizing security alerts, computer forensics, and tracking the lifecycle of security incidents.
CISOs propose an easy fix: companies must work towards hiring more cybersecurity staff to bridge the knowledge and staffing gaps. In fact, 81% of the cybersecurity professionals surveyed say that their organization plans to add cybersecurity headcount this year.
However, it's not that simple to do. According to the ESG research, 18% of organizations find it extremely difficult to recruit and hire additional staff for cybersecurity analytics and operations jobs, while another 63% find it somewhat difficult to recruit and hire additional staff for cybersecurity analytics and operations.
Gartner recommends focusing the cybersecurity team on the most important tasks and automating the manual ones, such as log reviews. It tells CISOs to review their job listings to see if they are hiring for positions that can be outsourced.
Managed Security Services, SaaS and ITO route to managing security
All organizations need cybersecurity help, says ESG. When companies buy security tools, the product contracts include a professional services component that allows the companies to manage and ensure optimal usage of their security portfolio. CISOs can leverage MSSPs and SaaS providers to outsource the relevant areas of their security portfolio.
According to Gartner, 40% of all managed security service (MSS) contracts in 2020 will be bundled with other security services and broader IT outsourcing (ITO) projects, up from 20% today.
To deal with the complexity of designing, building and operating a mature security program in a short space of time, says Gartner, many large organizations are looking to security consulting and ITO providers that offer customizable delivery components that are sold with the MSS.
As ITO providers and security consulting firms improve the maturity of the MSS they offer, customers will have a much broader range of bundling and service packaging options through which to consume MSS offerings. The large contract sizes associated with ITO and security outsourcing deals will drive significant growth for the MSS market through 2020.
IDC estimates that services will be the largest area of security-related spending over the next five years, led by three of the five largest technology categories: managed security services, integration services, and consulting services.
Together, companies will spend nearly $31.2 billion, more than 38% of the worldwide total, on these three categories in 2017.
Increased confidence in cloud cybersecurity
Just about 5 years ago, concerns about adequate security were cited as one of the top reasons for not moving IT operations and assets to the cloud. This thinking has recently changed, accompanied by rapid cloud adoption by many large corporations. A recent survey by analyst firm ESG has found “improved security” reported as a benefit that has been realized by 42% of organizations that already leverage cloud-based data protection services.
Gartner explains the potential key benefit of cybersecurity in the cloud: Today’s data centers support workloads that typically run in several different places—physical machines, virtual machines, containers, and private and public cloud. Cloud workload protection platforms provide a single management console and a single way to express security policy, regardless of where the workload runs.
While there are known benefits of moving security services to the cloud, Gartner warns that as the cloud environment reaches maturity, it’s becoming an increasing security target. As with most services, there is a possibility of cloud-based security services being targeted, rendering the service unstable and insecure. Organisations should therefore work on developing security guidelines for how they use private and public cloud and prepare a cloud risk model.
AI and machine learning (ML) driven Cloud Security
ML algorithms have the ability and potential to help with employee productivity & security analytics, but the technology is in its infancy and not well understood, says ESG. A survey of 412 cybersecurity professionals asked them to assess and characterize their knowledge of machine learning/artificial intelligence as it relates to cybersecurity analytics and operations technologies. Of the total survey population, only 30% of respondents claim to be very knowledgeable in this area. In other words, 70% of cybersecurity professionals really don’t understand where machine learning and AI fit their security portfolio.
Additionally, cybersecurity pros were asked whether their organisations have deployed or are planning to deploy machine learning/AI technologies for cybersecurity analytics and operations.
Only 12% say that their organization has done so extensively, and 6% of respondents have no plans to deploy machine learning/AI technologies for cybersecurity analytics and operations. In the long run, most of the cybersecurity professionals did see the potential of AI and machine learning to help with automating manual tasks and managing the skills shortage in the area.
It is important that organisations make the effort to gain knowledge about AI and ML and how they will impact cybersecurity services and products. This way they will be able to be more proactive in understanding the adversarial capabilities of hackers. Many companies employ ethical hackers to find the loopholes in their security portfolios and protocols.