4 out of 5 organisations to significantly increase cybersecurity budgets in 2022
Four out of five organisations are increasing cybersecurity budgets for 2022. While half of security decision-makers say the cyber skills gap will significantly impact their 2022 strategy.
According to a recent Neustar International Security Council survey, 81% of organisations have committed to bolstering their cybersecurity budgets for 2022. It found nearly one-quarter (24%) of respondents are increasing allocations between as much as 31% to 50% over this past year, while more than four in ten (41%) are raising budgets 11% to 30%.
"As the cyber threat landscape continues to evolve, organisations are recognising an urgent need to scale their systems and processes to keep at least one step ahead of bad actors," says Neustar Security Services senior VP, Solutions, Carlos Morales.
"Our latest data indicates that top-level executives and board members are well aware of the business implications of security gaps, and it's edifying to see that organisations have support all the way up the leadership chain to make the necessary investments to protect themselves and their clients."
The survey found that organisations largely have top-down buy-in to strengthen cybersecurity measures. Among survey participants, 93% report that cybersecurity planning involves board members' input, with 63% noting that their board's active involvement is significant.
This engagement is seen as critical, particularly as organisations seek to intercept what they perceive as growing threats from criminals and unknown actors. As attacks increase in complexity and sophistication, 88% of organisations anticipate the cyber skills gap will impact their 2022 security strategy. Half say they expect a significant impact and will need new team members to execute their security strategies for 2022. Only 12% of the respondents feel that a cyber skills gap will not impact their chosen course of action.
"Many organisations are looking to external partners to help close this gap," says Morales. "Seventy-one percent of our survey respondents say they plan on increasing their reliance on third-party vendors."
He says building up existing teams will also be a priority, with 56% planning to add new team members in the coming year.
Half the survey respondents say their organisation currently holds a cyber insurance policy, and 94% find it a worthwhile investment. While another 22% of organisations plan to take out a policy in 2022, and 18% have the prospect under consideration.
DDoS attacks are considered among the greatest concerns in terms of cyber threats, with system compromise and ransomware rounding out the top three concerns in the survey period. Three-quarters of enterprises confirmed that they had been on the receiving end of a DDoS attack at some time, only a slight increase over the previous reporting period, but a significant leap over the 59% reported pre-pandemic.
"Organisations largely recognise that they cannot prevent cyberattacks, but in today's market, they do have access to a broad array of tools and services to create defence-in-depth," says Morales.
"By engaging the right partners, organisations can take meaningful steps toward achieving their cybersecurity goals while taking some pressure off of themselves to bring new talent into a very tight market for cybersecurity expertise."
The NISC survey was completed in November 2021 to reflect activity and concerns in the most recent reporting period, September and October 2021.