In the digital era, cybersecurity is very often an asset that separates mediocre businesses from extraordinary ones. And with the average cost of a data breach being around $3.86 million, it seems to also make the difference between low and high revenue.
However, 2020 has brought difficult challenges even for the most skilled security teams, thus highlighting increased vulnerabilities in the digital environment. This unexpected growth came in a delicate time characterized by a worldwide economic downturn, and it’s expected to remain in the picture for a while.
“Cybersecurity will remain a top priority for most organizations in 2020, as threats and vulnerabilities persist and compliance, regulations and ecosystem requirements strengthen. It underpinned the mass shift to remote working during the lockdown by securing newly provisioned endpoints, providing secure access to corporate resources, and extending perimeter defenses beyond physical corporate networks.” – analysis report Global Cybersecurity 2020 Forecast
In April, Google revealed that it was blocking 18 million phishing and malware emails every day related to COVID-19. The historic shift to remote working brings with it more digital targets for cybercriminals, which have improved their strategies and have become more dangerous. The impact generated by WFH environments is strongly against efficient cybersecurity practices.
Before the virus outbreak, an average of 24% of enterprise employees was working remotely on a full-time, part-time, or ad hoc basis. As of August 2020, that number more than doubled to 50%.
Without proper endpoint protection protocols, many organizations have unsuccessfully faced the inevitable—increased data breaches and ransomware attacks.
Among the most commonly met security challenges during this period were insufficient remote access or VPN capacity, and more risks related to unmanaged devices. An approximately 59% increase in BYOD policy adoption has completely transformed the current digital landscape.
Ketaki Borade, Canalys Research Analyst, said, “The emergence of COVID-19 in January saw a surge in targeted phishing campaigns and malicious domains established to lure end users searching for information […] hackers continue to target organizations and individuals by compromising unsecured and poorly trained remote workers via numerous vectors, including email, social engineering, and RDP brute force attacks. Organizations will have to reassess changes to workflows, application use, customer engagement, and training for cybersecurity awareness in a more virtual workplace.”
How are companies investing in cybersecurity today?
Most companies made a priority out of reducing overall operating expenses since the pandemic began. However, according to a survey, 54% of the respondents revealed that they have increased their IT security budgets by an average of 5%. On the other hand, only 20% of those surveyed declared that they have cut the security budgets during the economic crisis.
What is more, spending on Cloud Security is predicted to increase by 33% becoming a $585M market this year.
This increased demand for cloud-based IT security investments is primarily driven by the prevalence of remote jobs but can also be caused by an IT security on-site team shortage. In this context, 75% of the ones surveyed mentioned they find cloud-based security solutions more reliable. The most popular investments of this type during the pandemic were cloud-based secure web gateway (SWG), cloud-based next-generation firewall (NGFW), and cloud-based secure email gateway (SEG).
Conclusion
An economic crisis, teleworking being the new norm, cybercriminals taking advantage of this new reality—these are the highlights that describe the state of cybersecurity in 2020. While companies are taking measures to keep up with the wave of cybercrime, the challenges are far from being solved and constant readjusting will be necessary at least in the near future.