Spiceworks Ziff Davis’ annual State of Information Technology report, a global marketplace that connects technology buyers and sellers with the most accurate and actionable statements of intent, shows that spending on managed services is expected to increase in 2022. One specific area that will continue to grow is services Managed security. According to the report:
“In 2022, companies are expected to spend a much larger portion of their IT budgets on security services. In fact, companies with larger attack surfaces are likely to increase IT spending due to security concerns in general.”
Cyber security experts are pleased that companies are finally ready to spend more on security, and mid-sized companies are expected to increase revenue in 2022 from this trend. But how does Ziff Davis show the allocation of security budgets? How do independent experts view changing priorities?
Comprehensive security solutions is a must
According to the State of Information Technology report, employee security training (ESTT) tools are expected to be the largest security expenditure in 2022.
“Companies can no longer focus on individual solutions, they have to be comprehensive. Tools used to train employees on security protocols can be everything from cloud-based solutions to end-user education,” says Mike Medford, a cybersecurity specialist in Honolulu. “It used to be that there would be more ‘silver bullets’ available to contain security threats, but that is simply no longer the case. Companies should create a wider network which is the ESTT.”
ESTT’s draw in first place is anti-ransomware. The fact that spending on anti-ransomware solutions is expected to increase should not come as a surprise as ransomware proliferated in 2022, destroying cities, critical infrastructure, and schools.
“Again, these anti-ransomware solutions need to be comprehensive, you can’t just buy software and expect all your ransomware fears to go away. Yes, software is part of it, as is end-user training, and network fragmentation,” Medford advises.
Hardware-Based Authentication (HBA) Could it be a game changer?
One trend gaining ground—one that Smarter MSP will explore further in an upcoming security article—is hardware-based authentication. A Ziff Davis State of IT report shows that 68 percent of respondents report that device-based authentication is a priority for them.
The advantage of hardware-based authentication (HBA) is that someone must physically control a device to operate it. Often these are security tokens or USB devices, so the only way a hacker can get into the system is by physically owning it.
Similar to the way a key card is required to access most hotel rooms, the only way to access HBA-protected systems is with a physical device. The same principle was standard in cars, whether it was the old key or more modern keyless cars with transponders. No key or transponder, no command.
“HBA will see exciting growth in the coming years. While cybersecurity has been a cat-and-mouse game for years, a robust HBA program can finally put some distance between cat and mouse.”
Intrusion detection and response products will become increasingly important as the post-COVID era continues to create hybrid business conditions and establish business in the cloud.
“Advances in AI make intrusion detection the equivalent of a front porch guard dog, except for products that currently offer 24/7 protection. Even the best guard dog has to sleep, not so for intrusion detection and response products, and that’s where you will witness It has a lot of growth in it,” Medford points out.
Finally, a Spiceworks Ziff Davis report cites zero-trust security solutions as a priority for 57 percent of respondents.
“I am happy to see so many organizations embrace distrust. Zero Trust says Zero Trust’s reliance on requiring all users, from CEO to gatekeeper, to be continuously authenticated, approved and licensed makes life even more difficult for hackers.
There are other areas that experts say will see growth in security budgets in 2022 that MSPs can benefit from. Among the most prepared for growth: user training.
“More and more MSPs are making user training a top priority. If a breach occurs, the MSP is often blamed and sometimes the contract is terminated. MSP has a very broad role and the security burden must shift to a common model. Users have to bear some responsibility, and this is where education will continue to play a big role,” Medford describes.
Medford also cites statistics that after proper implementation of e-health and IT training, companies have found that 80 percent of violations are preventable. Other security expenses include off-site storage of data, destruction of devices at the end of their lifespan, and strengthening the Internet of Things.
“Overall, 2022 looks like a very good year for medium and small businesses when it comes to revenue from security spending,” Medford concluded.
Photo: RossStock / Shutterstock