What will be the role of cyber security in a post-Covid world? With the lockdown conditions continuing to exist due to the rapid spread of Covid19, will companies spend more on it as businesses around the world are forced to transition to work from home models? It means cyber security services are going to be high in demand! Security has always been considered a top priority by many organizations. Will there be increased adoption or will there be a decline? These are a few questions looming in front of the industry. I spoke to a number of CISOs over the issue. There is at best a mixed view.
Security Spending Will See An Upturn
Many infosec leaders believe that focus on cyber security will increase. According to Ganesh Viswanathan-SVP-PMO & CISO, Aithent Technologies Pvt Ltd., with Work from Home becoming mandatory threats and attacks will go up. He adds that in order to contain those risks and threats, organisations will spend on cybersecurity monitoring tools as well as anti-phishing tools and training. The infosec leader also believes that digital surveillance tools for COVID 19 will also gain prominence and could gain traction.
“Security risks have increased. Organisations who know the gravity of the situation and would invest in the absolutely must-have controls for ensuring security and resiliency. The budgets are tight so the scrutiny would be much more. Get your business case right and do the homework right.
Hirolikar agrees that even if other functions’ budgets may get curtailed and hiring may be frozen, he believes that infosec and resiliency related priorities would get the required support. Although it may come in phases.
With the constraints on spending, focus is going to be on fundamentals, says Satheesh Kumar PRV, CISO, Garrett Motion.
“It’s not only about tech widgets, focus will be on closing the gaps between organization standards and practices followed on the ground, driving cyber hygiene such as vulnerability remediation, etc.
Budget Cuts for Cyber Security
On the other hand, there are a majority of others who think the vice-versa. They think that investments on security will decrease. According to a new PwC survey, business leaders are looking at ways to minimize and manage business impact, including cutting expenses, with more than half considering deferring or cancelling planned investments. Of planned initiatives, 2% are considering cybersecurity and privacy budget cuts, while 53% are looking at reduced IT spend.
According to Sanil Nadkarni, Global CISO and VP at SLK Global, many ITES and BPM Organizations are propelled to mobilize the systems which includes desktops and laptops at employee’s house in a short time to enable employees to Work from home. He feels that with the view to enable the systems to work from home, security may be overlooked.
“Having said that many clients are not willing to waive off the risk liability mentioned in the contract. Perils of data leakage increase manifold due to such arrangement. Organizations should be tightening the reins of all the systems for work from home,” he concludes.
On the condition of anonymity, another cyber security expert feels that the coming quarters are going to be tough, financially and that companies will tighten their purse strings. And, unless a company has suffered a breach, it is likely that spend on security may be curtailed.
“Prospect theory says that when it comes to loss events, humans take a gamble on the riskier approach. Security is framed as a loss event (probability of losing data, access or control). When it comes to security, it is no surprise that leadership behaviour is to bet on the riskier approach (in this case, not investing money),” adds the expert.
Disclaimer: Views are personal and do not reflect the organization.
Image credit: pixabay