Virtualization Technology News and Information
Article
Search:
RSS
Follow VMblog.com:
Improve end user experience in VDI, DaaS and physical endpoint environments
Cybersecurity training for employees is the most popular IT investment among US companies this year

Cybersecurity training for employees, as well as the purchase of cybersecurity solutions/services (61% each), are the most popular IT investments among US businesses this year, according to the newest research by NordLayer, a network security solution for businesses. The majority of US companies (67%) have in-house cybersecurity specialists to take care of that, while 24% outsource such services.

"IT and cybersecurity budgeting are two different segments of financing. IT covers overall technology investments, including hardware, software, personnel, and cybersecurity. Because cybersecurity is just a fraction of the grand scheme, it explains why budgets can be tight and sometimes even non-existent," says Carlos Salas, a cybersecurity expert at NordLayer.

Additionally, the same research shows that the most prominent types of cyberattacks in the US from the last year were malware (44%), phishing (36%), and social engineering attacks (28%). As a result, financial damage varies from losses of up to 5,000 US dollars for 41% of companies, and to over 10,000 in the US dollars for 22% of surveyed US companies. Numbers could be even higher because as much as 15% of companies were not able to disclose how much they lost due to cyber incidents. 

What cybersecurity solutions are currently in use among US companies?

Research reveals that American companies combine different measures to achieve security. More than 8 out of 10 companies utilize antivirus software (84%). Secure passwords (74%) and file encryption (70%) are the second-highest priority when creating security policies within organizations at the moment.

Business virtual private networks (VPNs) maintain their popularity in securing organization network connections, with over half (60%) of companies using them. Cyber insurance (46%) is a relatively new solution making its way to business cybersecurity, although its focus is on covering the consequences of an incident rather than preventing it. 

Almost half of US companies plan to allocate up to 24% of their organizational budget for IT needs in 2023

Spending on cybersecurity solutions, services, and applications will remain a priority (62%) in the 2023 budget. Besides cybersecurity training and the purchase of cybersecurity solutions (61% each), American companies will devote slightly less budget to hiring dedicated staff for cybersecurity questions (54%) and external cybersecurity audits (42%).

The research shows that almost half of US companies (37%) plan to allocate up to quarter of their organizational budget for IT needs in 2023, and another 29% of respondents plans to invest up to half of their budget. Only 4% of companies said they don't plan to invest in cybersecurity in 2023, out of which the majority are small companies.

"Business budgeting tendencies show that cybersecurity investments receive only a small part of the allocated IT budget. Cybersecurity funds must be distributed wisely to ensure valuable outcomes, prove the chosen security direction effective, and minimize resources' waste," says Salas.

What cyberattacks are experienced in small, medium, and large companies?

NordLayer surveyed organizations of various sizes, revealing some similarities and differences between cyberattacks and company size. Speaking of similarities among all sizes, phishing (39%) is the overall most prominent, followed by malware (34%).

Small businesses are more likely to experience identity theft (12%) or data breaches (11%) than insider threats (2%) or social engineering attacks (5%). Also, small businesses experience the lowest number of cyberattacks - 42% of respondents did not face them.

Medium enterprises tend to suffer from malware (43%), social engineering (30%), and insider threats (29%). Compared with the other two categories, medium-sized businesses were exposed most to data breaches (34%) and DDos/DoS attacks (27%).

Large companies experienced the most cyberattacks - as much as 92%. Organizations of such size experience malware (43%) slightly more often than phishing (42%). They experience the same amount of data breaches and identity theft (27%) attacks, while ransomware is the least expected (19%).

Companies should allocate a budget for cybersecurity

The mantra "cybersecurity keeps evolving - so do cyber threats" remains relevant today, emphasizing the need for strengthening business protection measures. Choosing comprehensive cybersecurity tools and solutions helps to achieve the flexibility needed to adapt to dynamic technological and risk change. A sufficient budget is key.

Salas also shares his tips on securing organizations: "No business is too small to experience a cyberattack. My recommendation for organizations of all sizes is to have a strong cybersecurity strategy. It should have the mindset that every employee is responsible for cybersecurity, not only the IT department. Speaking of concrete tools within the strategy, the company should have cyber mitigation and remediation solutions as well as backup plans for threat scenarios. Also, invest in employee training and dedicated staff for cybersecurity matters."
Published Tuesday, June 27, 2023 2:59 PM by David Marshall
Get This Featured White Paper: Digital Resilience - Elevating Your Data Protection with Nutanix and HYCU
You may also be interested in this white paper: The Rise of Shadow Encryption: Combatting the Next Generation of Ransomware
Comments
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
Customer Connect
Global Digital
DTX
DTW-NA
innovatrix
GISEC
global-digital-cx
vExpert
Calendar
<June 2023>
SuMoTuWeThFrSa
28293031123
45678910
11121314151617
18192021222324
2526272829301
2345678