Companies are getting savvier about IT spending. Despite rosy forecasts, a recent article from The Wall Street Journal noted that cloud adoption rates are actually trending down. What’s happening?

It’s not an abandonment of the cloud, but rather a refinement. CISOs and IT professionals are now better at distinguishing between what’s truly cloud-based and which providers are simply “cloudwashing” their service. Savvier IT investment also enables fundamental business transformation. As noted by CSO Online, however, this often triggers another response: increased security spending.

Security Spending Spikes

The need for intelligent business transformation makes sense, since companies that can’t keep up with the spread of the Internet of Things (IoT) or otherwise empower mobile users are at a significant disadvantage in global markets.

But adopting new technology doesn’t happen in a vacuum. According to CIO, a recent PwC survey found that 59 percent of C-suite executives plan to increase security spending to help manage new digital challenges. Their top priorities include improved business collaboration (51 percent), securing new business models (46 percent) and securing IoT deployments (46 percent).

The cloud plays a critical role here. While 63 percent of IT departments already run applications and services in the cloud, other business branches, such as marketing, customer service and finance, are starting to catch up. John Pescatore, director of emerging security trends at the SANS Institute, told CSO Online that “the increased use of cloud is having the biggest impact” on security spending.

Transforming Business

Cloud isn’t the only focus for new security investment, however. Security advocate Javvad Malik of AlienVault pointed out to CSO Online that a combination of cloud, mobile devices, API and data is now being used to improve customer service and deliver an “intuitive” experience. As a result, companies are looking for ways to abstract security controls from physical technology while simultaneously reducing consumer risk.

It’s no surprise, then, that new security investments skew toward monitoring, behavioral analysis and awareness tools, which allow companies to monitor and safeguard critical services without limiting day-to-day IT performance. According to the PwC survey, 62 percent now use managed security services and more than half leverage security analytics.

Politics also plays a role in business transformation and cybersecurity spending. As noted by FCW, the U.S. Department of Homeland Security budgeted over $470 million for its National Cybersecurity Protection System, $283 million for a critical infrastructure threat awareness program and $211 million for the National Cybersecurity and Communications Integration Center.

It’s unlikely these predicted budgets will see any reduction, no matter who wins the upcoming election. According to government research firm Govini, the increasing number of cyberthreats are “simply too large to ignore,” FCW reported.

In effect, the federal government faces the same challenge as private business. Digital transformation is a requirement to future-proof corporate systems, but it comes with the unwelcome consequence of increased attack surface, in turn prompting bigger security budgets.

Keeping Pace in a Digital-First World

Smart investments are critical in a digital-first world. As noted above, not all cloud services are truly cloud, and not all service providers are created equal. Simply throwing money at IT security during and after a business transformation won’t solve the problem. Instead, companies need to focus on addressing their most relevant and immediate threats — increased cloud access, ubiquitous mobile use and the development of intuitive customer service portals.

Bottom line? Increased cybersecurity spending is a necessity, but where companies spend that money matters more than how much they spend when it comes to keeping corporate networks safe.

More from

Cost of a data breach 2023: Geographical breakdowns

3 min read - Data breaches can occur anywhere in the world, but they are historically more common in specific countries. Typically, countries with high internet usage and digital services are more prone to data breaches.To that end, IBM’s Cost of a Data Breach Report 2023 looked at 553 organizations of various sizes across 16 countries and geographic regions, and 17 industries. In the report, the top five costs of a data breach by country or region (measured in USD millions) for 2023 are:United…

The Growing Risks of Shadow IT and SaaS Sprawl

4 min read - In today's fast-paced digital landscape, there is no shortage of apps and Software-as-a-Service (SaaS) solutions tailored to meet the diverse needs of businesses across different industries. This incredible array of options has revolutionized how we work, providing cost-effective and user-friendly tools that streamline tasks and boost productivity.However, this ever-expanding application ecosystem comes with its challenges: namely, shadow IT and SaaS sprawl. According to a recent study by Entrust, 77% of IT professionals are concerned about shadow IT becoming a significant…

Are you ready to build your organization’s digital trust?

4 min read - As organizations continue their digital transformation journey, they need to be able to trust that their digital assets are secure. That’s not easy in today’s environment, as the numbers and sophistication of cyberattacks increase and organizations face challenges from remote work and insider behavior. Digital trust can make your organization’s digital transformation stronger. A lack of digital trust can do irreparable harm. However, according to ISACA’s State of Digital Trust 2023 report, too many organizations struggle to define and implement…

Most organizations want security vendor consolidation

4 min read - Cybersecurity is complicated, to say the least. Maintaining a strong security posture goes far beyond knowing about attack groups and their devious TTPs. Merely understanding, coordinating and unifying security tools can be challenging. We quickly passed through the “not if, but when” stage of cyberattacks. Now, it’s commonplace for companies to have experienced multiple breaches. Today, cybersecurity has taken a seat in core business strategy discussions as the risks and costs have risen dramatically. For this reason, 75% of organizations…