Are Businesses Underinvesting in Cybersecurity?
February 16, 2021
The issue isn’t how large of a cybersecurity investment an organization makes, but rather, if it is spending funds properly.
The cost of cybercrime jumped to over $1 trillion in 2020, according to McAfee. That number combines monetary losses (over $900 billion) with the cost of providing cybersecurity (about $145 billion).
To balance the discrepancies between losses and expenditures, cybersecurity spending is expected to jump 10% in 2021. Organizations of all sizes are increasing their security budgets; however, the way they approach spending changed.
“Companies are concerned about cybersecurity breaches, and while fear is still a driving factor, compliance and risk management are taking center stage,” said Jenai Marinkovic, vCTO/CISO at Tiro Security and member of ISACA Emerging Trends Working Group.
Because of the pandemic, organizations have to rethink their cybersecurity investment priorities. With the need for cloud services, there is a greater push for cloud security solutions.
The increase in supply chain attacks such as the SolarWinds breach has increased the focus on third-party supplier risk assessments. Data privacy trends shifted focus to investment in AI/ML solutions centered on data protections.
Even as cybersecurity trends and attack vectors have changed, many organizations continue to rely on — and invest in — the same tools and systems they’ve used for years. While companies may look to increase their cybersecurity budgets, they are actually underinvesting in the solutions needed to meet today’s threat landscape.