Search This Blog
Powered by Blogger.

Blog Archive

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label Budget. Show all posts
IT Sector
Budget Cyber Security cyber security teams Cyber Threats IT Sector

Security Budgets Rise Slowly, But Hiring Slows Down, Research Shows


 

According to the report by IANS Research and Artico Search, there is indeed a fair probability that expanded security budgets will continue to rise in 2024, albeit at a slower pace compared to the last couple of years. For this year, security spending has been jacked up some 8%, one notch higher than the 6% increase in 2023. That's still miles away from the increases of 16% and 17% seen in 2021 and 2022, respectively.

Meanwhile, the security budget grew rather insignificantly, and the share of security spending in an IT portfolio has grown from 8.6% in 2020 to 13.2% in 2024. This means that cybersecurity is finding its place as one of the critical components of an IT setup—at least for organisations which depend most on digital technologies today.

Security teams must become the protective force of organisations but are perennially challenged to not get subjugated by competitive priorities and small budgets. "Security is getting pulled closer to the core of the business," said IANS Senior Research Director Nick Kakolowski. "While the level of protection desired by companies goes up, the tools and skills given to security teams fall short of what would satisfy their growing expectations.".

Reduction in the Recruitment of Security Personnel

One of the most striking trends underscored in this report is the remarkable shrinkage in hiring that is taking place in the cybersecurity sector. Security teams were 12% higher in 2024 than a year earlier, but that growth was slower compared to the 31% jump in 2022 and a 16% increase in 2023. This takes place at a time of general economic uncertainty, with businesses placing greater control on the management of their overall costs.

While security remains a top priority for most organisations, economic pressure has held businesses back from increasing teams at the same rate. With shrinking budgets, most security teams have no alternative but to do more with less, further compounding the task of keeping pace with an unprecedented surge in threats. 

The Future of Cybersecurity Spending Analysts note that, with the world of business strategies hinging on cybersecurity, the budgeting for security will remain on an upward trend albeit at a slower and more incremental pace. The reasoning is that business success increasingly calls for comprehensive security due to increasing dependence on digital technologies in all its functions. Currently, security investments are set to reach $212 billion by 2025; Gartner has 15% growth estimated over its forecast levels by 2024. That kind of projection accentuates beliefs that spending on cybersecurity is going to remain one of the most critical investments for companies. Overall, with continued rises of security budgets—cybersecurity is on a higher spending bracket than IT budgets; the slow hire rate actually points to the hardship organisations face in trying to grow their security teams as fast as they would want. Because another major business function is the need for organisations to strategically pay attention not only to investment in but also to the management and sustainability of their security postures, especially in periods of economic disfavour.

Read more »
threats
Awareness Budget Cyber Security Cyberattacks CyberCrime Data Education Internet National Cyber Security Centre phishing Protection Ransomware Schools SonicWall Students threats

Fortifying Cybersecurity for Schools as New Academic Year Begins

 

School administrators have received a cautionary alert regarding the imperative need to fortify their defenses against potential cyberattacks as the commencement of the new academic year looms. 

The National Cyber Security Centre has emphasized the necessity of implementing "appropriate security measures" to safeguard educational institutions from potential threats and to avert disruptions.

While there are no specific indicators of heightened threats as schools prepare to reopen, the onset of a fresh academic term underscores the potential severity of any cyberattacks during this period. 

Don Smith, the Vice President of the counter-threat unit at Secureworks, a cybersecurity firm, has highlighted the current transitional phase as an opportune moment for cybercriminals. He pointed out that the creation of new accounts for students and staff, as well as the school's approach to portable devices like laptops and tablets, can introduce vulnerabilities.

Smith explained, "Summer is a time when people are using their devices to have fun, play games, that sort of thing. If you've allowed teachers and pupils to take devices home, or let them bring their own, these devices may have picked up infections and malware that can come into the school and create a problem."

Last September, six schools within the same academy trust in Hertfordshire suffered internal system disruptions due to a cyberattack, occurring shortly after the new term had started. 

Additionally, just recently, Debenham High School in Suffolk fell victim to a hack that temporarily crippled all of its computer facilities, prompting technicians to work tirelessly to restore them before the commencement of the new term.

Schools are generally not the primary targets of concentrated cyberattack campaigns, unlike businesses, but they are considered opportunistic targets due to their comparatively less robust defenses. 

Don Smith emphasized that limited budgets and allocation priorities may result in schools having inadequate cybersecurity measures. Basic digital hygiene practices, such as implementing two-factor authentication and keeping software up to date, are crucial for safeguarding vital data.

Moreover, it is imperative for both students and teachers to be regularly educated about cybersecurity threats, including the importance of strong passwords, vigilance against suspicious downloads, and the ability to identify phishing attempts in emails. Mr. Smith noted that cybersecurity is no longer solely the responsibility of a small IT team; instead, all users are on the frontline, necessitating a general understanding of cybersecurity fundamentals.

A recent study revealed that one in seven 15-year-olds is susceptible to responding to phishing emails, especially those from disadvantaged backgrounds with weaker cognitive skills. Professor John Jerrim, the study's author, emphasized the need for increased efforts to help teenagers navigate the increasingly complex and perilous online landscape.

The National Cyber Security Centre, a division of GCHQ, has previously issued warnings regarding the growing prevalence of ransomware attacks targeting the education sector. Ransomware attacks involve criminals infiltrating a network and deploying malicious software that locks access to computer systems until a ransom is paid. Although ransomware attacks temporarily declined during the first quarter of 2023, they have been steadily increasing since then.

SonicWall, a cybersecurity company, emphasized that schools, being repositories of substantial data, are attractive targets for hackers pursuing financial and phishing scams. As schools rely more heavily on internet-based tools in the classroom, they must prioritize cybersecurity, both in terms of budget allocation and mindset, as the new school year approaches.

In response to these concerns, a spokesperson for the Department for Education affirmed that educational institutions bear the responsibility of being aware of cybersecurity risks and implementing appropriate measures. This includes establishing data backups and response plans to mitigate potential incidents.

"We monitor reports of all cyberattacks closely and in any case where there has been an attack, we instruct the department's regional team to offer support," they added. "There is no evidence to suggest that attacks like this are on the rise."
Read more »
Subscribe to: Posts (Atom)