IT leaders are turning to outsourced cybersecurity support in response to the spike in cyberattacks since the start of the COVID-19 pandemic. Eighty-three percent of decision-makers with in-house cybersecurity teams are considering outsourcing to a managed service provider (MSP) within the next six months. That’s one of the top findings from a new survey of 500 IT leaders by Syntax.
Syntax conducted the survey in the US in October 2020 to assess how the global pandemic affected their businesses and strategic decisions. All respondents were at the senior management level or above and worked at companies with more than 500 employees and at least $500 million in annual revenue.
SEE: Social engineering: A cheat sheet for business professionals (free PDF) (TechRepublic)
The survey found that IT teams are looking for new cybersecurity solutions, optimizing best practices for remote work, and permanently enabling cloud infrastructure. The survey identified these trends among IT leaders:
- A strong trend toward outsourcing cybersecurity to MSPs
- A disconnect between cloud issues and cloud spending
- A renewed focus on data analytics in the IT department
- A rare opportunity to win more buy-in from the C-suite
The report authors also noted that IT leaders should use the recent success from the rapid move to remote work to win over senior leaders who have not been paying attention to modernization efforts. Forty-seven percent of respondents said that fellow company leaders do not support these transformation efforts. That was the top barrier to accelerated digital transformation, along with knowledge gaps of users within the organization and slow adoption of transformation initiatives by employees.
The survey also found that data analytics projects are back on the top priority list. Fifty-five percent of IT leaders from the survey plan to invest in analytics and business intelligence in 2021. This represents a shift from 2020 when 42% of respondents said they had to shift focus away from these priorities.
Here is a look at two of the report’s findings about security and cloud infrastructure.
Outsourcing IT security
The survey found that IT leaders want to improve security in all areas of IT: cloud, employee training, business continuity, and disaster recovery. Respondents also reinforced the other survey findings that cybersecurity attacks have gotten worse since March 2020, with 77% of IT leaders saying cyber attacks were more frequent after COVID-19 started.
The survey found that IT leaders are not getting what they need from current security tools, namely strategic advice about how to handle these varied threats. Only 9% of respondents now outsource security operations. That number could change dramatically in 2021 as 83% of respondents are thinking about switching to MSPs to provide daily security operations.
In addition to outsourcing cybersecurity work in general, 56% of IT leaders are planning to spend 40% of their budgets on cybersecurity. These are the top three planned purchases:
- Threat intelligence
- Bot detection
- Vulnerability scanning
Based on the significant swing toward using MSPs for security, the report authors predict that this will become the industry standard. The survey found that the factors that influence a vendor selection are:
- Security certifications
- Advanced knowledge on cybersecurity metrics
- Pressure from business leadership
- Access to the best and safest security systems on the market
- Actionable counsel on cyberthreats and attacks
Cloud concerns don’t match cloud spending plans
The survey also asked IT leaders about cloud deployments. Just over half of survey respondents said that security was the biggest challenge with cloud infrastructure. However, improving cloud security did not show up in the top three spending priorities. IT leaders said they will be making investments in increased storage and flexibility, multicloud and/or hybrid cloud capabilities, and system maintenance in 2021. The report authors note that security is a basic building block of all these functions and write that “the more security vulnerabilities are minimized, the greater chance your business has to continue running or recover from unforeseen events like cyberattacks, IT equipment failures, and natural disasters.”