Image: Shutterstock/romania

Cybersecurity risks in the enterprise show no signs of slowing down, as the sophistication, frequency, and consequences of cyberattacks continue to evolve and grow. Toss in the COVID-19 pandemic and supply chain disruptions, and it’s no wonder that enterprises are shifting their cybersecurity strategies.

How successful are they? TechRepublic Premium ran a cybersecurity strategy survey to better understand where businesses stand on various security-related topics. It asked questions regarding how the COVID-19 pandemic has affected cybersecurity strategies, how concerned companies are about security risks for supply chains and the types of cybersecurity tactics and measures companies have implemented or will implement in the next 12 months, among others. This year’s results were compared to a similar survey conducted last year.

SEE: Cybersecurity strategy 2021: Tactics, challenges and supply chain concerns (TechRepublic Premium)

Overall, the majority of respondents (83%) reported being either “very” or “somewhat” confident in their company’s current cybersecurity strategy. Further, 32% of respondents said that their company’s cybersecurity strategy is developed in real-time as needed or is a formal policy that is reviewed on a regular basis and is adjusted as needed.

However, 17% of respondents reported their companies have no strategy in place. While 19% of respondents either work in companies that might have a formal policy that is rarely reviewed, or they are unsure of their company’s strategy. 

These numbers are an improvement over a similar survey conducted last year, which reported that 28% of respondents’ companies had either no strategy in place or had an out-of-date policy that was rarely (if ever) reviewed. 

SEE: Cybersecurity strategy 2021: Tactics, challenges and supply chain concerns (TechRepublic Premium)

Worker shortages, lack of materials and COVID-19-mandated shutdowns have created supply chain bottlenecks and exposed supply chain security flaws. So, it’s not surprising that a majority of respondents (64%) indicated that their companies were concerned about security risks for supply chains. 

Respondents plan to counter these challenges with solutions like adding two-factor authentication or authentication codes to all software and hardware (22%), including security requirements in every RFP and contract (16%) and working with vendors onsite to address any vulnerabilities and security gaps (16%) and limiting vendor access to software (14%). 

Only 3% of respondents have not implemented nor plan to implement any supply chain cybersecurity measures.

SEE: Cybersecurity strategy 2021: Tactics, challenges and supply chain concerns (TechRepublic Premium)

COVID-19 has also led to shifts in cybersecurity strategies in roughly a quarter of respondents. For example, 23% of respondents reported that due to the pandemic their company revamped or plans to revamp their cybersecurity strategy, and 22% of respondents increased or plan to increase their budget allocation for cybersecurity. 

According to last year’s cybersecurity survey, the single biggest challenge respondents reported was employee training with 47%. In this year’s survey, employee training ranked second (with 16%) behind constant and evolving threats requiring more complicated solutions (with 21%). In the 2020 survey, that response came in second with 46%.

Also in line with last year’s results, hybrid cloud remains the top modern technology that businesses fear implementing the most. One notable change from last year was that edge computing came in second, with 20% (whereas it was third in 2020 with 26%). Also, artificial intelligence came in third this year (with 20%), whereas it was second last year (with 34%). In addition, containers dropped from 20% last year to 6% this year. 

The infographic below contains selected details from the research. To read more findings, plus analysis, download the full report: Cybersecurity strategy 2021: Tactics, challenges and supply chain concerns (free for TechRepublic Premium subscribers).