Security spend will rise for 2018 but the right investments in security is needed.
Research from Gartner has found that security spending is to hit $96 billion globally in 2018, a rise of 8 percent from 2017 as organizations become react to the emerging cyber threats, new data protection laws and a shift to the digital business model.
Given the global malware attacks of WannaCry and NotPetya and highly publicized data breaches, organizations are taking security seriously in the hope of avoiding being tomorrow’s next big breach headline. This statement is also backed by the fact that security risks and data breaches were the top reasons for increased security spend in 2016, which was also found by Gartner.
Compliance will also be a major factor for increased investment in security as new laws and regulations over data protection have clearly stipulated what is required. The highest profile change in legislation is in the introduction of the General Data Protection Regulation, which comes into force in May 2018. GDPR demands that any company handling the sensitive data of EU citizens to implement and adhere to strict data security requirements. Neglecting these guidelines and fines of up to 4% of the organization’s annual turnover will be issued to those held accountable.
By 2020, Gartner also predicts that more than 60 percent of organizations will invest in multiple data security tools such as data loss prevention, data-centric audit protection tools and encryption.
While the threat of fines will largely be driving security spend in 2018, it is worth remembering that it’s about investing in the right products. What’s that old cliché…quality over quantity? With a huge array of vendors promising to solve compliance woes, organizations must think about what GDPR ultimately comes down to and that’s firstly data protection and secondly being able to audit and report on the use of that data - quickly.
Encryption is strongly advocated by those within the cyber industry and is touted as being the most secure method for data protection which will also help address many GDPR compliance concerns. An encryption gateway that adheres to the highest standards and offers reporting and flexibility will be a crucial part of businesses future-proofing their security efforts. Companies need to understand that the protection of their customers’ sensitive data is their responsibility and this crucial fact is what needs to be drilled home.