Businesses are more comfortable with the cloud and have increased their security spending, but still face a shortage of skilled cybersecurity workers.
A new global study shows a rise in security spending and in privacy and security awareness training programs.
The 2017 Global State of Information Security Survey, conducted by PwC, surveyed more than 10,000 business and IT execs to learn about their current and future plans for protecting digital assets amid rising security risks.
David Burg, US and global leader for cybersecurity and privacy at PwC, says the biggest takeaway from this survey was companies’ overall change in attitude toward technology.
“After initially seeing technology as a threat, organizations are now adopting technology to manage threats and achieve competitive advantages,” which is a significant shift, he says.
“Many organizations no longer view cybersecurity as a barrier to change or as an IT cost, but instead how cybersecurity solutions can facilitate business growth, create market advantages, and build brand trust.”
More organizations are moving sensitive business processes to the cloud, the study found. Burg explains that this transition is a sign that businesses are gaining trust in the cloud and viewing it as an enabler rather than a threat.
Sixty-three percent of respondents have moved IT functions to the cloud and 34% have moved customer service to the cloud. About one-third of organizations also entrust finance and operations to cloud providers.
More companies are beginning to implement biometric authentication like fingerprint scanning and facial recognition to add extra security and improve trust among both customers and business partners, says Burg. More than half (57%) of respondents use biometric authentication.
“In the past, advanced authentication was primarily the technological domain of government systems and large financial institutions or, more recently, social media and consumer email providers,” he continues. “But now a broader range of sectors are adopting multi-factor authentication across a range of transactions.”
As organizations use more data, they are also challenged by the industry-wide lack of cybersecurity talent, Burg notes. This is driving more businesses to rely on third-party services for their security programs.
Sixty-two percent of survey respondents report using managed security services for privacy and cybersecurity. More than half (53%) use open-source software, and among these, 49% report this has had a positive effect on their cybersecurity posture.
Security spending is poised to grow as businesses become more digital, says Burg. Already, 59% of respondents report increasing their cybersecurity spending as a result of digitizing their business ecosystem.
“Cybersecurity has assumed a role in the foundation of business strategy instead of an add-on to an existing plan or product,” he explains. “Because of this, the value of cybersecurity will only continue to increase as more organizations see what was once viewed as a risk being turned into possible solutions.”
Businesses working to improve their security posture should prioritize employee awareness of security practices. More than half (56%) of survey respondents currently require employees to do privacy training. The most-cited priority over the next year is privacy training and security awareness.
Kelly is an associate editor for InformationWeek. She most recently reported on financial tech for Insurance & Technology, before which she was a staff writer for InformationWeek and InformationWeek Education. When she’s not catching up on the latest in tech, Kelly enjoys … View Full Bio