If you’ve noticed the growing number of cyberattacks in the news since the start of the pandemic, you aren’t imagining things. Complaints to the FBI’s Cyber Division are up 400% from prior to the pandemic and come especially from small and medium-sized businesses.
Roughly 56% of companies in a CrowdStrike survey reported being targeted by ransomware in the last 12 months, for example, paying an average of $1.1 million USD in ransom to have their data and systems decrypted. This is part of a growing trend. In 2019, 39% of organizations who had fallen victim to ransomware paid to recover data, up from just 14% in 2018.
And then there are the high-profile breaches that made the headlines.
In late 2020 the hack of network-management firm SolarWinds by Russian-based hackers shocked the cybersecurity industry. This breach—which might have been in place as early as October 2019—potentially exposed 79 of the Fortune 100 companies and up to 300,000 other businesses to compromise. Known targets in the United States alone include upward of 250 federal agencies, including the departments of State, Treasury, Commerce, Energy and Homeland Security, and corporations like Microsoft and security firm FireEye.
Combine all this with this month’s ransomware attack against the Colonial Pipeline, which carries almost half of the gasoline, diesel and other fuels used on the US East Coast, and it’s no wonder that IT budgets are set to rise in 2021.
The Cost of Improving Cybersecurity Protections
A recent Syntax survey of 500 IT decision-makers found 56% of IT leaders plan to spend more than 40% of their IT budgets on cybersecurity in 2021 due to the growing threat throughout the pandemic. 90% of these leaders reported already having purchased new cybersecurity tools to combat malicious actors attacking their systems.
None of this comes cheap, of course. Overall, global IT spending is expected to rise 6.2% to nearly $4 trillion US this year as securing systems in this new and unexpected era of work-from-home looks set to become a permanent feature of the modern working world. Beyond a temporary pandemic accommodation, permanent remote work projects will double in 2021 to become a fixture of working life for millions worldwide.
Adapting to the New Normal of Cybersecurity
One other key takeaway from the Syntax survey was that just 9% of organizations currently outsource their security operations to a cybersecurity managed services provider (MSP). However, 83% of those who currently have in-house security personnel or a security operations centre indicated that they would be exploring outsourcing within the next six months.
The reasons for this are not surprising: 79% of these companies had to reduce staff during the pandemic-induced economic downturn, and that included IT professionals. As with so many sectors, the pandemic accelerated longer-term trends toward digital transformation that was already underway. The move to security outsourcing and increased reliance on automation are prime examples.
The growth of cloud computing and its role in facilitating a remote workforce during the pandemic is also a significant consideration for cybersecurity from now on.
Cloud adoption is one of the fastest-growing areas in IT. As it becomes the predominant operating infrastructure, organizations of all sizes will need to ensure that these systems are safe, secure, and routinely monitored. This is one function where MSPs are ideally positioned to support (or replace) in-house security solutions.