Decision Makers Trade Personnel for Cloud Security as IT Budgets Shrink

Researchers find a 114% increase in remote workers coupled with a 59% increase in adoption of bring-your-own-device (BYOD) policies Situation ‘wreaks havoc’ among enterprise IT security teams as volume of threats and security incidents increase dramatically Decision makers develop an appetite for cloud security solutions as IT staff and budgets diminish

  • Researchers find a 114% increase in remote workers coupled with a 59% increase in adoption of bring-your-own-device (BYOD) policies
  • Situation ‘wreaks havoc’ among enterprise IT security teams as volume of threats and security incidents increase dramatically
  • Decision makers develop an appetite for cloud security solutions as IT staff and budgets diminish

Business operations increasingly center on the cloud as COVID-19 presses ahead, forcing companies to rely on remote workforces as we move into 2021. And, while some businesses are faring better than others in these tumultuous times, IT professionals everywhere agree that cyber risk has increased substantially as organizations must facilitate remote access to mission-critical applications and data.

In a web-based survey of 600 enterprise IT security professionals from seven countries and 19 industries, CyberEdge Group reveals the pandemic has marked a 114% jump in remote workers and a 59% increase in bring-your-own-device (BYOD) policy adoption. 73% of enterprises are said to have experienced elevated third-party risks amongst partners and suppliers.

The situation, in the researchers’ words, has “wreaked havoc” among enterprise IT security teams.

“The top-three challenges experienced by enterprise IT security teams have been an increased volume of threats and security incidents, insufficient remote access / virtual private network (VPN) capacity, and increased risks due to unmanaged devices,” according to the report, The Impact of COVID-19 on Enterprise IT Security Teams.

53% of IT security teams were already understaffed before the pandemic began. Worse still, 67% of enterprise security teams were forced to temporarily reduce personnel expenses through hiring freezes (36%), temporary reductions in hours worked (32%), and temporary furloughs (25%). One in six (17%) were forced to lay off personnel.

‘An increased appetite for cloud-based IT security solutions’

To cope with the rise in security incidents associated with remote-work conditions, IT decision makers have started warming up to cloud security.

“Arguably the biggest impact that the COVID-19 pandemic has had on the IT security industry is an increased appetite for cloud-based IT security solutions,” the researchers noted. “This is primarily driven by the massive increase in remote workers but may also be influenced by having fewer IT security personnel available on site to install and maintain traditional on-premises security appliances.”

While 75% of IT security decision makers in the survey indicated an increased preference for cloud-based security solutions, 78% of those with professional IT security certifications feel the credential has made them better equipped to address pandemic-fueled challenges. In fact, next year, enterprises plan to increase security training and certification budgets by an average of 6%.

To secure employee-owned devices connecting to company applications and data, 59% of enterprises are investing in antivirus solutions.

Also notable is that 81% of IT security professionals actually enjoy working from home, and nearly half of them plan to do so at least part-time once a COVID-19 vaccine is developed.

Consistent findings throughout the year

Conducted in August, the CyberEdge survey echoes findings published by Bitdefender months earlier, in a global survey of 6,700+ IT professionals.

By May, Bitdefender had already learned that:

  • 50% of organizations had no contingency plan to address a situation like COVID-19
  • 86% of IT pros were admitting that attacks were on the rise during the pandemic
  • and 81% were convinced remote work was here to stay

In an even earlier study, Bitdefender uncovered that IT pros were increasingly focusing on cybersecurity training as part of their mitigation strategy against attacks targeting insiders.

“This is proved by the fact that organizations which are placing more emphasis on training are better at detecting attacks quickly, and more efficient at isolating them,” Bogdan Botezatu, Director or Threat Research at Bitdefender, said at the time.

“Ultimately, cybersecurity has improved over the last 36 months, but IT workers are still facing a great deal of stress and risk. This means that getting the right strategies and solutions in place is imperative. In fact, it will ensure the trend of stress and risk doesn’t stretch into future years,” said Botezatu.