As businesses gear up for 2018, cybersecurity is top of mind, with the macOS High Sierra “root access” bug and the Equifax data breach still making headlines. Businesses are likely going to spend more on IT security next year, but what will they be spending that money on and how should they go about IT security budgeting?
According to a survey from Gartner released in August, worldwide spending on information security products and services will reach $86.4 billion in 2017, which would be an increase of 7 percent over 2016. Next year, IT security spending is expected to grow to $93 billion.
Gartner and other cybersecurity analysts think that application security testing, data loss prevention and advanced threat protection are going to be among the key investments that companies make in 2018. Meanwhile, as businesses prepare to deploy new technologies to protect their networks and IT environments next year, Trend Micro offers best practices for cybersecurity budgeting, including avoiding using too many vendors, auditing existing solutions and developing deeper relationships with partners.
What Will Drive Cybersecurity Investments in 2018?
IT security is obviously a huge market. So where will the growth come from next year?
In the infrastructure protection segment, Gartner expects fast growth in the security testing market due to continued data breaches and growing demands for application security testing as part of the shift to DevOps, an engineering process unifying software operation and development.
Spending on emerging application security testing tools, particularly interactive application security, will contribute to the growth of this segment through 2021, according to the research firm.
Gartner also expects that security services will continue to be the fastest growing segment, especially IT outsourcing, consulting and implementation services. At the same time, the firm thinks hardware support services will not grow as fast, as companies adopt virtual appliances, public cloud and Software as a Service security solutions, which reduces the need for attached hardware support.
Another key factor many businesses must consider next year is the European Union’s General Data Protection Regulation (GDPR), which will likely drive investments in data loss prevention (DLP) technology.
GDPR, which provides strict new controls on personal data, takes effect on May 25, 2018 and impacts any company that collects data on citizens in EU countries. For example, as CSO notes, “companies will need the same level of protection for things like an individual’s IP address or cookie data as they do for name, address and Social Security number.”
GDPR allows for stiff penalties of up to €20 million ($23.6 million) or 4 percent of global annual revenue, whichever is higher, for noncompliance. Gartner says the new regulations have “caused an overall panic and unease among organizations in Europe, but will also have a global effect since multinationals will also need to adhere to the new law.”
Organizations that already have DLP solutions are trying to figure out what additional capabilities they need to invest in, Gartner says (specifically, integrated DLP such as data classification, data masking and data discovery), while others “are looking to increase their capabilities.”
In addition to those technologies, Jon Oltsik, ESG senior principal analyst and the founder of the firm’s cybersecurity service, says that there are several classes of advanced threat prevention technologies businesses are likely going to invest in for 2018. Writing for CSO, he says that these include next-generation endpoint security software, threat intelligence gateways, secure domain name system (DNS), microsegmentation of networks and intelligent application controls.
“These tools do a much better job of blocking exploits, attack vectors, and malware while greatly reducing the attack surface,” Oltsik writes for CSO. “This, in turn, has the derivative effect of decreasing threat detection noise and complexity.”
Additionally, Oltsik says, “such tools don’t require as much constant care and feeding as legacy security controls, or monitoring or analytics systems,” meaning CISOs “won’t need an army of staffers, months of deployment/customization and weeks of staff training to benefit from these investments.”
Overcome IT Security Budget Challenges
Given all of these tools and options, Trend Micro advises that organizations get a handle on all of the cybersecurity solutions they have, noting in a blog post that “security solution sprawl does more harm than good.”
“Too many security solutions can easily translate to numerous protection issues, especially in regard to visibility, training, manageability and updating. If employee users aren't trained properly, they will not leverage solutions in the most valuable way for protection,” the Trend Micro blog notes. “What's more, a lack of visibility can mean that updates and patches aren't applied quickly, creating added vulnerabilities and openings for cybercriminal activity.”
Organizations also need to consider deploying more intelligent solutions to help them overcome the fact that many will not have enough security personnel on staff to manage all of their cyber tools.
In terms of best practices, Trend Micro advises that organizations avoid partnering with too many security vendors, since companies have limited resources. They should also audit their current security solutions.
“Before consolidating, ripping or replacing, you must have a full idea of the security solutions already being used and the capabilities these provide,” the security firm says. “Once you understand their effectiveness, work to consolidate wherever possible.”
And finally, Trend Micro advises companies to “identify one or a small few security firms that you want to partner with. In this way, you can leverage these partnerships to dig deeper into emerging threats and create the most cohesive protection stance possible.”