As enterprises increasingly embrace cloud computing and cloud services, they must also adjust their cybersecurity spending to reflect the new reality of how they’re using (or not using) their data centers and business-technology systems. The fact that there is a shift in security spending because of so-called digital transformation efforts was made clear in the recently released Global State of Information Security Survey (GSISS) 2017 -- a worldwide study conducted by PwC, as well as CIO and CSO magazines.
According to the GSISS survey, 59 percent of respondents said they are increasing security spending this year as a direct result of their digital transformation efforts. What are some of the spending priorities in the year ahead? Priorities include better business and security team collaboration, keeping new business models secure, and figuring out how to secure newly rolled-out IoT initiatives.
In the end, digital transformation seems to be often used to describe a continuation of the move to cloud computing that has always been here. And the investments into IT continue to shift decidedly to cloud. The research firm IDC found that global cloud Infrastructure sales reached $7.7 billion in the first half of 2016, growing 14.5 percent. The share of cloud infrastructure is now than a third of IT infrastructure. Private cloud revenues grew to $3.1 billion, compared to the $4.6 billion for public cloud. Legacy IT sales dropped 6.1 percent.
IDC also forecast that global security spending will reach nearly 102 billion by 2020, up from roughly $74 billion this year. Within the enterprise, it’s not just IT that is turning to cloud, but lots of business units including finance, marketing and sales, customer service, and operations all having reported in the GISS survey that they have moved some of their business functions to cloud.
How are enterprises keeping up with the increased demand for cloud and cybersecurity? By turning to services providers. While 63 percent of enterprises run cloud-based IT services, nearly the same amount are running managed security services. Enterprises are using managed security services to extend their internal security skillsets. According to GSISS, the services that 50% of more of respondents report outsourcing include: authentication, data loss prevention, identity and access management, real-time monitoring and analytics, and threat intelligence.
According to a post earlier this fall, Despite Security Fears and Digital Transformation, the Cloud Journey Continues serious concerns when it comes to security persist: 88 percent cite data security in the cloud as a top priority for competitiveness, while only 32 percent cite significant progress. That leaves quite a few organizations, well more than half, that have a security chasm that they have to close if they are to get to where they believe they need to be. There are other substantial challenges, too. These include creating an IT environment that can scale and have transparency.