Remote work sending IT security budgets out of control: Study

The need for organizations to better manage and secure the devices and applications that employees are using to access corporate resources in the new Everywhere Workplace is a primary budget growth driver

Remote work sending IT security budgets out of control: Study - CIO&Leader

IT security budgets are spiralling out of control as organizations adapt to the Everywhere Workplace, according to Ivanti’s study. Almost all CISOs (92%) highlighted the need to deploy additional security measures to better enable and secure employees as they work from anywhere as the primary budget growth driver. Four in five (80%) CISOs also pinpointed the need to replace passwords with more secure forms of authentication.

The study, which polled 400 CISOs across EMEA, found that the average IT security budget last year was over EUR 64 million, and 81% expect this to increase over the next 12 months. When pressed on the specific software solutions they plan to invest in during the next year, unified endpoint management (UEM) and biometric authentication solutions came out on top. Despite CISOs claiming that over two-fifths (41%) of their overall security budget was spent on UEM software in the last year, four in five (80%) said they expect investment in specialized UEM software to increase over the next year. This increase in investment is primarily to manage and secure the mass influx of devices attempting to access corporate resources as employees work from anywhere.

Seven in ten (70%) CISOs claimed that their organization’s reliance on biometric authentication to enable remote access to business data would increase, with a quarter (24%) saying it would significantly increase. The heightened focus on biometric authentication is likely due to the significant growth in phishing attacks.

According to Verizon’s 2020 Data Breach Investigations Report, 22% of breaches in 2019 involved phishing, but 75% of organizations around the world experienced some kind of phishing attack in 2020. The top type of data compromised in these phishing attacks is credentials, including passwords. By adopting mobile device authentication with biometric- based access, organizations can eliminate the primary point of compromise in phishing attacks. When asked how their investment in biometric authentication solutions would change compared to last year, 70% of respondents stated their investment would increase, while 22% said it would greatly increase.

Nigel Seddon, VP EMEA West, Ivanti said: “The emergence of the Everywhere Workplace has led to an explosion of remote devices attempting to gain access to corporate resources. This new distributed work landscape has created a huge headache for CISOs worldwide as the influx of devices has provided cybercriminals with multiple new vectors to try and exploit. CISOs need to ensure they have full visibility into all devices trying to access their company network and then manage and secure those devices to the best of their ability.

As a result, IT security budgets are spiralling out of control. To better manage IT and software spending, CISOs should consider implementing spend intelligence technology. Spend intelligence provides insight into software landscapes and application spend across all IT environments improving operational speed, asset visibility, and can cut costs. Spend intelligence, coupled with a zero trust approach to secure digital assets from cloud to edge by verifying each asset and transaction ahead of permitting access alongside biometric authentication, will create a stronger security standard, improve the user experience, control IT security spend, and help remove pressure from help desks optimizing IT environments.”


Add new comment