Factors influencing IT security spending

Security executives are overwhelmingly craving more AI solutions in 2023 to help them battle the growing cybersecurity threat landscape, according to Netrix Global.

IT security spending barriers

22% of respondents said that they would like to see more AI used in cybersecurity this year, nearly five times more than automation – which came in a distant second (5%), closely followed by threat detection, improved cloud security and authentication methods (each with 4% share respectively).

“It’s clear that AI has started to reach maturity in the Gartner Hype Cycle and we should expect to see more unique uses of the technology across the cybersecurity industry in the near-term future,” said Russell P. Reeder, CEO of Netrix Global.

“In fact, more than half of the executives surveyed said that they currently use AI and machine learning, but their appetite to increase use is high – particularly those at larger companies making critical decisions about where to invest for the future,” Reeder added.

IT security spending

Interestingly, when looking at other findings around spending decisions, security executives said that supply chain issues and the growing distributed workforce are likely to have a more significant influence on IT security spending in 2023 than the looming recession.

The study found that a mere 38% of executives said that the looming recession would significantly influence their IT security spending this year. Instead, 48% responded that their growing distributed workforce would have a significant influence, followed closely by supply chain issues (46%).

“Security becomes even more critical in times of economic hardship because businesses simply can’t risk a data breach and many businesses are opting to bring on a partner rather than increase their internal headcount,” said Reeder.

“It’s not surprising that the distributed workforce continues to be a key focal point for executives responsible for managing the security budget. But on the flip side, it was interesting to see how much the ripple effect of supply chain issues are influencing IT security spend,” Reeder continued.

According to the study, the biggest impact that a looming recession will have on executive planning will be timing. 47% of respondents said that they have already pulled some cybersecurity initiatives forward in their planning so that they would be complete prior to the economic impact of a recession. Meanwhile, 24% of respondents are proceeding with their 2023 cybersecurity plan timelines as if there will be no recession ahead.

“These findings mirror much of what we’re seeing and feeling from our client base today,” added Reeder. “There’s certainly an increased sense of pace and urgency to move key cybersecurity initiatives forward faster – and we’re being brought in to help manage and drive that pace. Once again, the impact of emerging cybersecurity threats can be crippling to a business – particularly during an economic downturn.”

Pressing cybersecurity threats

When asked which cybersecurity threats were most pressing, executives pegged malware (39%) as the threat that concerned them most. Not far behind, both ransomware and data loss were identified as the second most ominous threats (37% each). Phishing attacks ranked sixth on the list, with 26% of respondents tagging them as their top concern.

When asked which software/application is most vulnerable to security threats, the largest proportion of executives said that email (28%) was their No. 1 risk.

“There’s a bit of a dichotomy in the data,” said Reeder. “It’s surprising to see that phishing ranks in the middle of the field of concerning cyber threats, yet email was listed as the most vulnerable software/application to security threats. Phishing attacks continue to get more sophisticated and targeted, with increasing risk as AI technology continues to proliferate and reach a wider audience.”

Another theme that was prevalent throughout the study was the pressing need for IT and security talent. 44% of all respondents said that hiring qualified IT workers would be more of an imperative in 2023 than in previous years. 38% said specifically that they expect hiring qualified security experts would be a challenge in 2023.

“We’ve been talking about the talent gap in IT and security for some time now, and it’s starting to have a more significant impact on companies as they rely on technology to operate and secure their business,” added Reeder.

“That gap widens as companies consider how to leverage AI in both their cybersecurity and IT operations but lack the internal talent or leadership guidance to make smart investments that will prove return,” Reeder concluded.

Don't miss