As enterprises plan and set budgets for the new year ahead, the vast majority are expecting to channel more dollars toward enhancing their cybersecurity efforts.
Organizations committed to bolstering their cybersecurity budgets
According to the latest survey from the Neustar International Security Council (NISC), conducted in November 2021, 81% of organizations have committed to bolstering their cybersecurity budgets for 2022. 24% of respondents are increasing allocations between as much as 31% to 50% over this past year, while 41% are raising budgets 11% to 30%.
“As the cyber threat landscape continues to evolve, organizations are clearly recognizing an urgent need to scale their systems and processes to keep at least one step ahead of bad actors,” said Carlos Morales, SVP, Solutions for Neustar Security Services.
“Our latest data indicates that top-level executives and board members are well aware of the business implications of security gaps, and it is edifying to see that organizations have support all the way up the leadership chain to make the necessary investments to protect themselves and their clients.”
Organizations largely have top-down buy-in when it comes to strengthening cybersecurity measures. Among survey participants, 93% report that cybersecurity planning involves the input of board members, with 63% noting that their board’s active involvement is significant. Such engagement is seen as critical, particularly as organizations seek to thwart what they perceive to be growing threats from criminals and unknown actors.
The cyber skills gap issue
Additionally, as attacks have become more numerous, complex and sophisticated, 88% of organizations anticipate the cyber skills gap will impact their 2022 security strategy. 50% of survey respondents said they expect a significant impact and noted they will need new team members to execute their security strategies for 2022. Only 12% of the respondents feel that their chosen course of action will not be impacted by a cyber skills gap.
Many organizations are looking to external partners to help close this gap: 71% of respondents say they plan to increase their reliance on third-party vendors. Building up existing teams will also be a priority, with 56% planning to add new team members in the coming year.
Meanwhile, more are looking for an added safety net. Half of survey respondents say their organization currently holds a cyber insurance policy – and 94% of them find it a worthwhile investment. Another 22% of organizations are planning to take out a policy in 2022, and 18% have the prospect under consideration.
In the November survey, 82% of responding enterprises confirmed that they had been on the receiving end of a DDoS attack at some time, only a slight increase over the previous reporting period, but a significant leap over the 59% reported pre-pandemic. DDoS attacks were considered among the greatest concerns in terms of cyber threats, with system compromise and ransomware rounding out the top three concerns in the survey period.
“Organizations largely recognize that they cannot prevent cyberattacks, but in today’s market, they do have access to a broad array of tools and services to create defense in depth,” continued Morales.
“By engaging the right partners, organizations can take meaningful steps toward achieving their cybersecurity goals while taking some of the pressure off of themselves to bring in new talent in a very tight market for cybersecurity expertise.”