While many companies have grappled with tight budgets this year amid an economic downturn, the departments securing remote workforces are seeing a bit of a boost.
Big companies increased their budgets for IT security by an average of 5%, according to the recently released results of an August survey conducted by Annapolis-based CyberEdge of 600 executives and managers working at companies with more than 1,000 employees. And the growth is expected to continue next year, as they are eyeing a 7% increase, on average, for 2021.
CyberEdge CEO Steve Piper said analysts at the firm the research and marketing services firm expected that cybersecurity would follow a similar trend as others in a tough economic time.
However, “overall we did not see IT security budgets go down,” he said. “In fact, in most instances, we saw midyear budget increases, which is very comforting.”
Like many things in 2020, however, this likely speaks to the challenges presented by the pandemic. The shift to work from home brought a big change in remote work, as 50% of employees were still working from home, and adoption of bring-your-own-device policies — which allow employees to use their own laptops and the like — grew nearly 60%.
Remote work provides more freedom for employees, and being able to access apps anywhere can help with productivity. But it also means there are lots of devices being used that might not be secured from attackers.
This is bringing new threats. In the survey, 37.2% of respondents saw increased security incidents and threats, while 35% saw increased risk due to unmanaged devices. And it all happened quickly.
When it comes to how they’re addressing the threats, the report finds that cloud-based tools are becoming more in demand, and 43% have increased third-party risk management.
But it also has implications for people on cybersecurity teams.
For one, training and certifications are important, with 78% of respondents saying they felt their training and certification helped to meet the challenges. And along with the wider budget increases, there are plans to increase budget in this area by 6% on average.
There’s also the matter of putting the team in place. Despite the budget increase, IT security teams insulated from the challenges faced by workforces everywhere. After all, the industry has always had challenges with a skills shortage. Plus, two-thirds of survey respondents said they faced staffing challenges like hiring freezes and layoffs. But Piper also notes that as a result of the layoffs taking place across the entire economy, there are more workers than ever that might be seeking jobs.
In other words, the notorious talent gap might be a little shorter than usual, for now: “Before the pandemic it was very hard to recruit talented IT security people,” Piper said. “Now it’s just … hard.”
But there was a change in where they worked, and Piper believes that might be a lesson for the future.
When CyberEdge asked IT security pros whether they liked working from home, 80% said they liked it some or all of the time.
“These enterprises are competing with each other to hire IT security talent,” Piper said. “The smart enterprises are going to find ways to allow IT security people to work from home either full-time or part of the time and use that as a recruiting tool.”
Offering training and certification can also be an incentive in recruiting, as those budgets are holding steady.
“I think smart enterprises can turn lemons into lemonade and help fill open positions they’ve had open for a while because of the skills shortage.”