More Than Meets the Eye? Business Transformations Reconfigure Security Spending Models

Companies are getting savvier about IT spending. Despite rosy forecasts, a recent article from The Wall Street Journal noted that cloud adoption rates are actually trending down. What’s happening?

It’s not an abandonment of the cloud, but rather a refinement. CISOs and IT professionals are now better at distinguishing between what’s truly cloud-based and which providers are simply “cloudwashing” their service. Savvier IT investment also enables fundamental business transformation. As noted by CSO Online, however, this often triggers another response: increased security spending.

Security Spending Spikes

The need for intelligent business transformation makes sense, since companies that can’t keep up with the spread of the Internet of Things (IoT) or otherwise empower mobile users are at a significant disadvantage in global markets.

But adopting new technology doesn’t happen in a vacuum. According to CIO, a recent PwC survey found that 59 percent of C-suite executives plan to increase security spending to help manage new digital challenges. Their top priorities include improved business collaboration (51 percent), securing new business models (46 percent) and securing IoT deployments (46 percent).

The cloud plays a critical role here. While 63 percent of IT departments already run applications and services in the cloud, other business branches, such as marketing, customer service and finance, are starting to catch up. John Pescatore, director of emerging security trends at the SANS Institute, told CSO Online that “the increased use of cloud is having the biggest impact” on security spending.

Transforming Business

Cloud isn’t the only focus for new security investment, however. Security advocate Javvad Malik of AlienVault pointed out to CSO Online that a combination of cloud, mobile devices, API and data is now being used to improve customer service and deliver an “intuitive” experience. As a result, companies are looking for ways to abstract security controls from physical technology while simultaneously reducing consumer risk.

It’s no surprise, then, that new security investments skew toward monitoring, behavioral analysis and awareness tools, which allow companies to monitor and safeguard critical services without limiting day-to-day IT performance. According to the PwC survey, 62 percent now use managed security services and more than half leverage security analytics.

Politics also plays a role in business transformation and cybersecurity spending. As noted by FCW, the U.S. Department of Homeland Security budgeted over $470 million for its National Cybersecurity Protection System, $283 million for a critical infrastructure threat awareness program and $211 million for the National Cybersecurity and Communications Integration Center.

It’s unlikely these predicted budgets will see any reduction, no matter who wins the upcoming election. According to government research firm Govini, the increasing number of cyberthreats are “simply too large to ignore,” FCW reported.

In effect, the federal government faces the same challenge as private business. Digital transformation is a requirement to future-proof corporate systems, but it comes with the unwelcome consequence of increased attack surface, in turn prompting bigger security budgets.

Keeping Pace in a Digital-First World

Smart investments are critical in a digital-first world. As noted above, not all cloud services are truly cloud, and not all service providers are created equal. Simply throwing money at IT security during and after a business transformation won’t solve the problem. Instead, companies need to focus on addressing their most relevant and immediate threats — increased cloud access, ubiquitous mobile use and the development of intuitive customer service portals.

Bottom line? Increased cybersecurity spending is a necessity, but where companies spend that money matters more than how much they spend when it comes to keeping corporate networks safe.

Contributor'photo

Douglas Bonderud

Freelance Writer

A freelance writer for three years, Doug Bonderud is a Western Canadian with expertise in the fields of technology and...