Security budgets are increasing, but so is the pressure on security teams to deliver better results and a strong security program with these additional resources.
According to the latest survey from the Neustar International Security Council (NISC), 81% of organizations said they planned to boost their security budgets in 2022. Similarly, a Gartner survey revealed that 66% of IT leaders plan to increase the amount they spend on cyber/information security in 2022
Media Sonar performed a survey of 683 security professionals. 79% are expecting their budget to increase or stay the same over the next 12 months.
At the same time, security teams have more on their plate than ever before. Protecting a workforce that is increasingly remote due to COVID, mission-critical applications that have been moved to the cloud, supply chain attacks focused on third parties, suppliers and partners – all while securely supporting digital transformation.
Security teams have more on their plate than ever before
All the while, cybercriminals are constantly coming up with new types of exploits and attacks, such as cryptojacking, deepfakes, and attacks against IoT networks and videoconferencing systems. Plus, they are continuing to refine tried-and-true exploits like ransomware.
From the perspective of brand protection, consumers are increasingly concerned about how well the companies they do business with are protecting their privacy. And security teams are under the gun to make sure customer data isn’t exposed.
The consulting firm KPMG surveyed adults in the U.S. and found that 86% of consumers feel a growing concern about data privacy, while 78% expressed fears about the amount of data being collected about them. Nearly half of consumers say they’re worried about their data being hacked.
86% of consumers feel a growing concern about data privacy, while 78% expressed fears about the amount of data being collected about them
It’s also important for consumers to believe that the companies they do business with behave in an ethical and responsible manner. This means that even if a company protects consumer data from breaches, the organization could lose customers if, for example, the CEO’s Twitter is spoofed and posts offensive messages.
Throwing people at the problem isn’t the answer because there’s a huge shortage of security professionals. ISC2, the world’s largest nonprofit association of certified cybersecurity professionals, reported in October that the number of unfilled cybersecurity openings worldwide stood at 2.72 million.
And skills gap facing security teams is widening. In a global study of cybersecurity professionals by the Information Systems Security Association (ISSA) and industry analyst firm Enterprise Strategy Group (ESG), 57% of respondents say a shortage of cybersecurity skills has impacted the organization they work for. A Media Sonar survey found that 74% of security professionals felt the skills gap somewhat or highly impacted their ability to be proactive about their security landscape.
Media Sonar asked 216 security professionals how the cybersecurity skills gap has affected their organization’s ability to be more proactive about their security landscape. 74% were somewhat or highly impacted.
Two ways to overcome these staff shortcomings and to demonstrate that security teams are delivering value are to use open source tools and automate as many processes as possible. Even better is to do both at the same time – to deploy a platform that automates the gathering and analysis of threat intelligence from open source tools.
The Media Sonar platform uses open-source intelligence tools to scour the Internet for emerging threats. It enables security teams to get an early heads-up if customer data is being sold on the Dark Web. It enables security teams to reduce redundancy in their technology stacks in order to help make the most of the organization’s security budget. And it helps security teams automate the detection and investigation of inappropriate uses of the company’s brand, providing a clear ROI for the business.