PwC: Security is No Longer an IT Cost Center
Many organizations no longer view cybersecurity as a barrier to change, nor as an IT cost.
That’s the word from the Global State of Information Security Survey 2017 from PwC US, which found that there is a distinct shift in how organizations view cybersecurity, with forward-thinking organizations understanding that an investment in cybersecurity and privacy solutions can facilitate business growth and foster innovation.
According to the survey, 59% of respondents said they have increased cybersecurity spending as a result of digitization of their business ecosystem. In this process, organizations not only create products, but also deliver complementary software-based services for products that extend opportunities for customer engagement and growth.
“There is a distinct transformation in how business leaders are viewing cybersecurity and technology—no longer seeing technology as a threat and understanding that cybersecurity is a vital component that must be adopted into the business framework,” said David Burg, PwC’s US and Global Leader, Cybersecurity and Privacy. “To remain competitive, organizations today must make a budgetary commitment to the integration of cybersecurity with digitization from the outset.”
Survey results also found that as trust in cloud models deepens, organizations are running more sensitive business functions on the cloud. Today, the majority of organizations around the world—63% of survey respondents—say they run IT services in the cloud. Additionally, approximately one-third of organizations were found to entrust finance and operations to cloud providers, reflecting the growing trust in cloud models.
“The fusion of advanced technologies with cloud architectures can empower organizations to quickly identify and respond to threats, better understand customers and the business ecosystem, and ultimately reduce costs,” added Burg. “Cloud models have become more popular in recent years, and that trend will likely only continue as the benefits become increasingly clear.”
According to survey respondents, organizations are also embracing both managed security services and open-source software to enhance cybersecurity capabilities, signaling that businesses are making cybersecurity a priority despite many not having the necessary in-house capabilities and an overall lack in talent to fill key positions. More than half (53%) of respondents employ open-source software and 62% of respondents say they use managed security services for cybersecurity and privacy—relying on managed security services for highly technical initiatives such as authentication, data loss prevention and identity management.
"Designing and implementing a cybersecurity and privacy program is challenging enough, but once a program is in place components must be thoroughly integrated, professionally managed and continuously improved. As this can be difficult for resource-constrained organizations, many are adopting managed security services and utilizing open-source software,” said Bob Bragdon, SVP/publisher of CSO.
Photo © Maridav
Source: Information Security Magazine