In the wake of large-scale breaches like that of last year’s poster children Home Depot and Sony, there is understandably some concern for security in the enterprise sector. After all, these attacks – especially in the case of Sony – were considered some of the worst episodes in the history of U.S. corporate breaches, according to Business Insider.
After seeing what happened to these organizations at the hands of hackers and the consequences that followed, many companies are placing an even higher focus on cybersecurity efforts than they have in the past. And as data protection has been a target priority for many enterprises over the last few years, this ensures lofty goals for information safeguards this year.
In order to make many of these initiatives happen, financial backing is needed. For this reason, many businesses are looking to expand their cybersecurity budgets to ensure they have everything needed to increase protection at their organization.
Concern sparks increased security spending
According to a 2015 Piper Jaffray survey, the vast majority of CIOs – 75 percent – noted that security was a top priority for the year and that their companies would increase spending to support the initiatives. This comes in comparison to last year, where security was still a main focus, but only 59 percent of CIOs said they had plans to boost their budgets in this area.
The report noted that previous attacks in the enterprise sector are likely driving this increased spending.
“CIOs clearly have heightened concerns from the many security breaches that occurred in 2014, resulting in an inflection in overall security spending,” the report stated, according to Business Insider.
Many company leaders will use their inflated security budgets to investigate emerging protection technologies and other new approaches to preventing breaches. Steve Herrod of General Catalyst told Business Insider that this will be the strategy his firm will utilize this year.
“It’s clear the current approaches to security aren’t cutting it, which is why the security space is one of my biggest personal focus areas,” Herrod said.
Grants support security research
The Piper Jaffray report isn’t the only survey to determine these results. According to separate research, officials and administrators across the board are looking to increase security, and will expand their allotted spending to support these goals.
CIO contributor Kenneth Corbin reported that security is also a concern on the federal level, with the National Association of State CIOs recently receiving a $100,000 grant from the Department of Justice. The funding will be utilized to study, establish and promote “repeatable practices for responding to a cyber incident and deploying cyber analytics across state governments,” Corbin wrote.
NASCIO also participated in a study with research group Deloitte, which revealed that CIOs are beginning to understand what makes their organizations targets for cybercriminals. The report found that company leaders admitted that the consumer information they house in their applications and technological systems is attractive to hackers, and can cause them to be the victims of breach and attack.
The Deloitte study also found that many government groups don’t have a concrete plan in place for responding to a breach, including launching an investigation based on digital forensics to pinpoint the source of the attack. NASCIO Executive Director Doug Robinson noted that a main goal of the organization is to ensure that state officials are on the same page as far as cyber threat analytics. However, in order for this to happen, there will need to be financial backing for data protection initiatives.
“The improving economy and states’ growing commitment to cybersecurity have led to an increase – albeit small – in budgets,” the Deloitte report stated. “Nevertheless, budgets are still not sufficient to fully implement effective cybersecurity programs – it continues to be the top barrier for CISOs.”
How to spend security budgets: Encryption
While there are no doubt a number of strategies, research and protection technologies that companies can put their increased security budgets toward, one that should not be overlooked is encryption. According to Trend Micro, many organizations have already allotted funding for encryption in the wake of recent breaches.
“Improving security postures has been important to companies for a while now, but a greater level of attention has been paid to implementing data encryption in recent months as more attacks targeting specific pieces of information take place,” Trend Micro stated.
Trend Micro recommended that company leaders inventory the sensitive information they have within their systems in order to gain a full picture of their data and to better decide what content warrants encryption. This protection technology, along with robust central data management policies, can go a long way toward helping to prevent an attack, and should be a main part of enterprises’ security strategy.