Cybersecurity Spending Areas to Evaluate

According to a January 28,2022 article in CFO, written by Bob Violino, as computing environments change and bad actors switch tactics, most organizations will need to increase or redirect their investment in cybersecurity. “The goal, of course, is to better protect the organization against infiltrations of its computing assets while allocating dollars efficiently.”

There are several areas in which companies should be shoring up their defenses and analyzing expenditures.
• Threat Detection and Monitoring. Organizations generally need to be more proactive about cybersecurity, deploying products that detect signs of intrusion early. “Invest in cyber tools and solutions that help monitor vulnerabilities and detect potential cyber threats. These tools will act as an early-warning system and limit the damage from an attack.” Identity-focused products that support a zero-trust security strategy are essential, given the increasingly large numbers of remote workers.
• Hybrid and Multi-Cloud. The rapid move to the cloud and the emergence of hybrid and multi-cloud environments means companies need solutions to protect data everywhere.
“Dynamic security controls support security from wherever users and devices connect. In some cases, the approach may require security delivered as a service. Also gaining traction are cloud-based frameworks and technologies that deliver multiple product capabilities within a single platform, like secure access service edge (SASE), extended detection and response (XDR), and endpoint protection platforms (EPP).”
• Risk Assessment. Many organizations use cybersecurity “maturity assessments” (also called cyber-risk quantification) to prioritize budget allocation. “A maturity assessment is a gap analysis that utilizes best practices and recognized frameworks to answer questions about a company’s security program. Maturity assessments, however, are only annual… Reacting to and mitigating security threats demands continuous assessment of cyber risk exposure and quick-response strategies. Tools for continuous threat monitoring and dashboarding track real-time risk exposure and potential business impacts in language tailored to C-level executives.”

For much more excellent advice, go to 5 Cybersecurity Spending Areas to Evaluate (