June 28, 2019 • The Recorded Future Team
IT security spending is going up. That’s what CyberEdge’s “2019 Cyberthreat Defense Report” has found — but what are organizations spending their budgets on, and why? Today’s threat environment presents a growing challenge to security practitioners, and emerging threats and new technologies are forcing teams to get more strategic with what tools, products, and practices they rely on.
The CyberEdge report, which is based on data gathered in a comprehensive survey of the industry, examines how organizations are allocating IT security budget, which security technologies are currently deployed, and the kinds of moves that security teams are making to get a leg up on malicious actors. In this blog, we’ll break down their research-backed findings on how exactly organizations are investing in security, including how the majority of organizations are increasingly relying on security solutions driven by machine learning and artificial intelligence, like threat intelligence platforms.
With limited resources and context in the face of an ever-expanding threat landscape, budget allocation for security spending is one of the top challenges that security leaders face. But there can be tremendous value — and return on investment — in choosing the right solutions.
We’ll begin by examining how organizations are investing in security presently, as well as plans for future investments. Respondents were asked to quantify percentage of budget allocated to information security, as well as changes in the security budget and how resources would be applied in the near future.
IT security budgets for 2019 are going up across the board. In fact, IT security budgets today are healthier than ever, with a record 83.5% of organizations planning to invest more in security in 2019.
The following network security technologies have the largest increases in adoption:
The below network security technologies have the highest planned acquisition rates for the coming 12 months:
Trends toward cloud computing, remote work, and more complicated supply chains are making the old approach of securing the perimeter no longer really viable for network security. But eliminating the need for a well-defined outer perimeter shifts the emphasis to internal perimeters. Plus, network-based security still minimizes the impact to mission-critical computing devices.
With 65.9% of organizations reporting current use of signature-based (or basic) antivirus or anti-malware, it remains the most commonly deployed endpoint security technology. Meanwhile, containerization and micro virtualization continues to be the hottest endpoint security technology planned for acquisition — 37.8% of organizations plan to adopt it within the next 12 months.
Antivirus isn’t going anywhere. Besides the fact that it’s required by most regulatory bodies, it’s also an accurate, efficient way to identify and eradicate known threats, so its prevalence makes good security sense. Endpoint security, however, is focused more so on enhancing already available features such as machine learning and artificial intelligence algorithms, adding analytics to management and consolidating offerings.
38.8% of organizations say that API gateway is the most sought after app and/or data security technology for the year ahead, and advanced security analytics has the highest “planned for acquisition” rate of any other security technology overall. But it’s important to note that no security technology listed in the report has an adoption rate of over 60%, which means there’s clearly plenty of room for improvement in these areas by enterprise security teams, as well as opportunities for associated solution providers.
Three identity and access management technologies identified as most commonly in use:
All three of these identity and access management technologies are well prioritized — they’re critical for controlling who can access certain IT services, as well as for implementing additional safeguards for high-value assets. Account and access management are simply fundamental to a sound security architecture, while password management must be used for appropriately restricting access.
94.4% of respondents indicated their organizations have acquired products that feature machine learning and/or artificial intelligence technology. 81.1% of respondents generally agree that machine learning and artificial intelligence technologies are helping to defeat advanced cyberthreats.
With respect to cybersecurity, machine learning and artificial intelligence technologies have brought early returns. However, there are a few things to look for when investing in a security product that uses machine learning. It can have substantial benefits for the automatic collection and analysis of data for producing threat intelligence — but for some other security solutions, it’s more of a marketing phrase.
To learn more about how organizations are investing in security presently, download the “2019 Cyberthreat Defense Report.” For more information on how to leverage effective threat intelligence to improve your security posture, request a personalized demo.